externalize secret token

11 years ago · a465292406
3 changed files with 4 additions and 1 deletions
--- a/config/initializers/secret_token.rb
+++ b/config/initializers/secret_token.rb
@ -4,4 +4,4 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-Entrydns::Application.config.secret_key_base = '0ce1f02a4b3fc4d1a1c8d22973b21e8589e9314dc338294953f0b985e3f44f12c8af74f2d9ba6f7c7bdb736c4efc5ea3f8135e23b1a036d033cd23331383ac75'
+Entrydns::Application.config.secret_key_base = Settings.secret_key_base
--- a/config/settings.sample.yml
+++ b/config/settings.sample.yml
@ -1,3 +1,6 @@
+# framework
+secret_key_base: 0ce1f02a4b3fc4d1a1c8d22973b21e8589e9314dc338294953f0b985e3f44f12c8af74f2d9ba6f7c7bdb736c4efc5ea3f8135e23b1a036d033cd23331383ac75
+
 # application
 default_ttl: 3600
 min_ttl: 60
--- a/vendor/plugins/.gitkeep
+++ b/vendor/plugins/.gitkeep