diff --git a/config/environments/preproduction.rb b/config/environments/preproduction.rb index 17e1b9439..39c060f13 100644 --- a/config/environments/preproduction.rb +++ b/config/environments/preproduction.rb @@ -47,7 +47,8 @@ Rails.application.configure do # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = true + # Configure force_ssl in secrets.yml + config.force_ssl = Rails.application.secrets.force_ssl # Use the lowest log level to ensure availability of diagnostic information # when problems arise. diff --git a/config/environments/production.rb b/config/environments/production.rb index 245973eb9..707331124 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -49,7 +49,8 @@ Rails.application.configure do # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = true + # Configure force_ssl in secrets.yml + config.force_ssl = Rails.application.secrets.force_ssl # Use the lowest log level to ensure availability of diagnostic information # when problems arise. diff --git a/config/environments/staging.rb b/config/environments/staging.rb index 65a15f2b5..f47529f64 100644 --- a/config/environments/staging.rb +++ b/config/environments/staging.rb @@ -47,7 +47,8 @@ Rails.application.configure do # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = true + # Configure force_ssl in secrets.yml + config.force_ssl = Rails.application.secrets.force_ssl # Use the lowest log level to ensure availability of diagnostic information # when problems arise. diff --git a/config/secrets.yml.example b/config/secrets.yml.example index d0c896c0f..05870b09d 100644 --- a/config/secrets.yml.example +++ b/config/secrets.yml.example @@ -32,6 +32,7 @@ test: staging: secret_key_base: "" server_name: "" + force_ssl: true rollbar_server_token: "" http_basic_username: "" http_basic_password: "" @@ -53,6 +54,7 @@ preproduction: # password: "" # authentication: "plain" # enable_starttls_auto: true + force_ssl: true rollbar_server_token: "" http_basic_username: "" http_basic_password: "" @@ -79,6 +81,7 @@ production: # password: "" # authentication: "plain" # enable_starttls_auto: true + force_ssl: true rollbar_server_token: "" http_basic_username: "" http_basic_password: ""