move secret token into the config.yaml

2 files changed, 3 insertions, 6 deletions

diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index 1e6abe42..636a156d 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -111,12 +111,8 @@ class site_webapp {
       content => template('site_webapp/config.yml.erb'),
       owner   => leap-webapp,
       group   => leap-webapp,
-      mode    => '0600';
-
-    '/srv/leap-webapp/config/initializers/secret_token.rb':
-      content => "LeapWeb::Application.config.secret_token = '${secret_token}'\n",
-      owner   => leap-webapp, group => leap-webapp, mode => '0644',
-      notify => Service['apache'];
+      mode    => '0600',
+      notify  => Service['apache'];
   }
 
   include site_shorewall::webapp
diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb
index af778212..83348d94 100644
--- a/puppet/modules/site_webapp/templates/config.yml.erb
+++ b/puppet/modules/site_webapp/templates/config.yml.erb
@@ -4,6 +4,7 @@ production:
   domain: <%= @provider_domain %>
   client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %>
   client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %>
+  secret_token: "<%= @secret_token %>"
 
 cert_options:
   client_cert_lifespan: <%= cert_options['life_span'].to_i %>