From 44f20f7c3907d500adde0edc87c90b2cd339acea Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Wed, 22 Mar 2017 10:10:16 +0100
Subject: webapp: add secret_key_base to config

This replaces the secret_token from rails 4.1 on.

Both are used for securing cookies in the browser. The secret_key_base
will also encrypt the cookies while the token will only sign them.

Keeping the token in there for now allows us to migrate existing sessions
/ cookies to the new secrets. We can remove it in the next version once
all providers have run with secret_key_base for a while.
---
 puppet/modules/site_webapp/manifests/init.pp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'puppet/modules/site_webapp/manifests/init.pp')

diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index 1ae80012..deb8e8c8 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -10,6 +10,7 @@ class site_webapp {
   $provider_domain  = $node_domain['full_suffix']
   $webapp           = hiera('webapp')
   $api_version      = $webapp['api_version']
+  $secret_key_base  = $webapp['secret_key_base']
   $secret_token     = $webapp['secret_token']
   $tor              = hiera('tor', false)
   $sources          = hiera('sources')
-- 
cgit v1.2.3