Description: Externalize session config to yml in /etc Forwarded: not-needed Author: Jérémy Lal Last-Update: 2010-01-10
--- redmine.orig/lib/tasks/initializers.rake
+++ redmine/lib/tasks/initializers.rake
@@ -1,11 +1,12 @@
 desc 'Generates a secret token for the application.'
+task :generate_secret_token do
-file 'config/initializers/secret_token.rb' do
- path = File.join(Rails.root, 'config', 'initializers', 'secret_token.rb')
- secret = SecureRandom.hex(40)
- File.open(path, 'w') do |f|
- f.write <<"EOF"
-# This file was generated by 'rake generate_secret_token', and should
+filename = ENV['YML_SESSION_FILENAME'] ? ENV['YML_SESSION_FILENAME'] : 'session.yml'
+path = File.join(ENV['RAILS_ETC'] ? ENV['RAILS_ETC'] : File.join(Rails.root, 'config'), filename)
+secret = SecureRandom.hex(40)
+File.open(path, 'w') do |f|
+ f.write <<"EOF"
+# This file was generated by 'rake generate_session_store',
 # not be made visible to public.
 # If you have a load-balancing Redmine cluster, you will need to use the
 # same version of this file on each machine. And be sure to restart your
@@ -15,10 +18,18 @@ file 'config/initializers/secret_token.r
 # change this key, all old sessions will become invalid! Make sure the
 # secret is at least 30 characters and all random, no regular words or
 # you'll be exposed to dictionary attacks.
-RedmineApp::Application.config.secret_token = '#{secret}'
+
+production:
+ key: _redmine_
+ secret: #{secret}
+
+development:
+ key: _redmine_
+ secret: #{secret}
+
+test:
+ key: _redmine_
+ secret: #{secret}
 EOF
 end
 end
-
-desc 'Generates a secret token for the application.'
-task :generate_secret_token => ['config/initializers/secret_token.rb']
--- redmine.orig/config/application.rb
+++ redmine/config/application.rb
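Review bot: `File.open(path, 'w')` creates the file holding the cookie-signing secret with umask-default permissions, so under RAILS_ETC it may be readable by every local account; pass an explicit mode, `File.open(path, 'w', 0600) do |f|` (or 0640 with the application's group), keeping in mind that the mode only applies when the file is first created. Turning the `file` task into a plain `task` also means each run overwrites an existing secret and invalidates all sessions, where the old task presumably ran only when its target was missing; a guard such as `next if File.exist?(path)` at the top of the task would restore that. The generated header comment now names `rake generate_session_store`, which this hunk does not define, and has lost the words "and should". The task body continues into the next hunk.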
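Review bot: The `production`, `development` and `test` sections all interpolate the same `#{secret}`, so a session cookie signed by a development or test instance that reads this file would also verify in production. Writing a fresh value per section, `secret: #{SecureRandom.hex(40)}`, keeps the environments separate. The heredoc opens and `secret` is assigned in the previous hunk.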
@@ -66,7 +66,20 @@ module RedmineApp
 # move tmp directory to RAILS_TMP
 config.paths['tmp'] = ENV['RAILS_TMP']
- config.session_store :cookie_store, :key => '_redmine_session'
+ # loads cookie based session session and secret keys
+ # this is needed here because initializers are loaded after plugins,
+ # and some plugins initialize ActionController which requires a secret to be set.
+ # crash if file not found
+ relativeUrlRoot = ENV['RAILS_RELATIVE_URL_ROOT']
+ filename = ENV['RAILS_ETC'] ? File.join(ENV['RAILS_ETC'], 'session.yml') : File.join(File.dirname(__FILE__), '..', 'session.yml')
+ if File.exists?(filename)
+ sessionconfig = YAML::load_file(filename)
+ config.session_store :cookie_store, :key => sessionconfig[Rails.env]['key'], :path => (relativeUrlRoot.blank?) ? '/' : relativeUrlRoot
+ config.secret_token = sessionconfig[Rails.env]['secret']
+ else
+ # temporary settings before session.yml is created
+ config.session_store :cookie_store, :key => '_redmine_session', :path => (relativeUrlRoot.blank?) ? '/' : relativeUrlRoot
+ end
 # log path
 config.paths['log'] = File.join(ENV['RAILS_LOG'], "#{Rails.env}.log") unless !ENV['RAILS_LOG']
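Review bot: The reader and the rake task disagree on where session.yml lives: without RAILS_ETC this hunk looks in `File.join(File.dirname(__FILE__), '..', 'session.yml')`, which is the application root, while the task in lib/tasks/initializers.rake writes under `Rails.root/config`, and the task's `YML_SESSION_FILENAME` override is not read here at all. In both cases the `else` branch runs silently and no `secret_token` is set, although the comment above says "crash if file not found". Building the path the same way on both sides, `filename = File.join(ENV['RAILS_ETC'] || File.dirname(__FILE__), ENV['YML_SESSION_FILENAME'] || 'session.yml')`, and logging a warning in the `else` branch would make a misplaced file visible. When the file exists but has no entry for `Rails.env`, `sessionconfig[Rails.env]['key']` fails with a bare NoMethodError; a check that raises with the file name and environment would be clearer. The enclosing class body starts and ends outside the hunk.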