From 44f20f7c3907d500adde0edc87c90b2cd339acea Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 22 Mar 2017 10:10:16 +0100 Subject: webapp: add secret_key_base to config This replaces the secret_token from rails 4.1 on. Both are used for securing cookies in the browser. The secret_key_base will also encrypt the cookies while the token will only sign them. Keeping the token in there for now allows us to migrate existing sessions / cookies to the new secrets. We can remove it in the next version once all providers have run with secret_key_base for a while. --- puppet/modules/site_webapp/manifests/init.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_webapp/manifests') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 1ae80012..deb8e8c8 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -10,6 +10,7 @@ class site_webapp { $provider_domain = $node_domain['full_suffix'] $webapp = hiera('webapp') $api_version = $webapp['api_version'] + $secret_key_base = $webapp['secret_key_base'] $secret_token = $webapp['secret_token'] $tor = hiera('tor', false) $sources = hiera('sources') -- cgit v1.2.3