Hi folks,
I have a simple Rails app that is using the encrypts
feature, which is working fine in other environments (and keeping it running on a local dev server is fine), but after some time (around 24 hours typically) anything that accesses the model that uses encrypts
throws an exception:
[...snip...] ActiveRecord::Encryption::Errors::Configuration (key_derivation_salt is not configured. Please configure it via credential active_record_encryption.key_derivation_salt or by setting config.active_record.encryption.key_derivation_salt):
If I redeploy (using flyctl deploy
), the error goes away and things are fine for a while longer. To ensure that things were being set, and the environment wasn’t vanishing, I use ENV variables in the config/database.yml
:
active_record_encryption:
primary_key: <%= ENV.fetch("ACTIVERECORD_PRIMARY_KEY") %>
deterministic_key: <%= ENV.fetch("ACTIVERECORD_DETERMINISTIC_KEY") %>
key_derivation_salt: <%= ENV.fetch("ACTIVERECORD_KEY_SALT") %>
Each value is set, and it works without error for a while but then the next morning when I come back it’s broken again until I flyctl deploy
.
What’s really peculiar is that flyctl restart <app>
does not fix the issue. I have to run flyctl deploy
(I’m not confident in this, as I’ve only tried flyctl restart
once and it may be a red herring).
I’m a bit at a loss for what to do to debug, hoping someone can give me some insights into this. Even if I put the key values directly in config/database.yml
the problem will occur.
Any help is appreciated!