Credentials

Jumpstart Pro uses Rails environment credentials to keep the credentials for each environment in their own encrypted file.

Environment Credentials

Rails introduced "environment credentials", which we strongly encourage you to use.

You can share the keys for each environment with only the users / environments that need to know them, which improves the security of your credentials. This also helps make sure you don't accidentally use development keys in production or vice versa.

rails credentials:edit --environment=development
rails credentials:edit --environment=staging
rails credentials:edit --environment=production

Protip: We recommend adding an EDITOR environment variable to your ~/.bashrc or ~/.zshrc file to automatically set this when you open a terminal. This way you won't be required to prepend the rails credentials:edit command with EDITOR="..." every time.

export EDITOR="vim" # Use Vim as default editor
export EDITOR="mvim -f" # Use MacVim as default editor
export EDITOR="code --wait" # Use VSCode as default editor
export EDITOR="atom --wait" # Use Atom as default editor
export EDITOR="mate --wait" # Use TextMate as default editor

Deploying To Staging / Production

Add the contents of your staging.key or production.key to your deployment environment variables as RAILS_MASTER_KEY. This lets Rails decrypt your credentials in staging or production.

Organization

When you create your credentials file for the first time, the contents will look like this to make adding your API keys really easy.

# Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.
secret_key_base: 5201642c601d040e4d5443a3b1941712020d1a329893f1196cef3209a95b471441dbe42c4cc7487bf0d9141a8e25a1f3571790e3ad08b453016b96c66a729da1

active_record_encryption:
  primary_key: B6IHf2DNb0SKqWlqdG2CJcQMhfn9gFhL
  deterministic_key: nCePMBv6KROFg9EZ9Bfz0zi9TzZjHpsm
  key_derivation_salt: ThgcGnx1AKgf9yfPyNRx9eKdRLJjRcya

# aws:
#   access_key_id: 123
#   secret_access_key: 345

# Jumpstart config
# ----------------

# Used for encrypting OAuth access tokens
access_token_encryption_key: 'bZumGa9unfKQ94X9u1bsSa3wHH6fzgTb6Z7qJCh66iY='

# Login Providers via OmniAuth
# ---------------
omniauth:
  # Add other OmniAuth providers here

  facebook:
    # https://developers.facebook.com/apps/
    public_key: ''
    private_key: ''
    # scope: 'email'

  google_oauth2:
    # https://code.google.com/apis/console/
    public_key: ''
    private_key: ''

  github:
    # https://github.com/settings/developers
    public_key: ''
    private_key: ''
    # scope: 'user:email'

  microsoft_graph:
    # https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps
    public_key: ''
    private_key: ''

  twitter:
    # https://apps.twitter.com
    public_key: ''
    private_key: ''
    secure_image_url: 'true'

# Mail Providers
# --------------

mailjet:
  # https://app.mailjet.com/account/setup
  username: ''
  password: ''
  domain: ''

mailgun:
  # https://app.mailgun.com/app/sending/domains/<YOUR_MAILGUN_DOMAIN>/credentials
  username: ''
  password: ''

mandrill:
  # https://mandrillapp.com/settings/index
  username: ''
  password: ''
  domain: ''

ohmysmtp:
  # https://app.ohmysmtp.com/ -> API Tokens
  username: ''
  password: ''

postmark:
  # https://account.postmarkapp.com/servers -> Server -> API Tokens
  # Use token as both username and password
  username: ''
  password: ''

sendgrid:
  # https://app.sendgrid.com/settings/api_keys
  username: 'apikey' # Leave this alone, the username is actually 'apikey'
  password: ''
  domain: example.com

sendinblue:
  # https://account.sendinblue.com/advanced/api
  username: ''
  password: ''

ses:
  # https://console.aws.amazon.com/ses/home
  username: ''
  password: ''
  address: ''

sparkpost:
  # https://app.sparkpost.com/account/api-keys
  username: 'SMTP_Injection'
  password: ''

### Payment Providers

# Braintree Payments (Required for PayPal support)
# https://braintreegateway.com
# https://sandbox.braintreegateway.com
# Webhooks should be pointed to https://domain.com/webhooks/braintree
braintree:
  environment: ''
  public_key: ''
  private_key: ''
  merchant_id: ''

# Stripe Payments
# https://dashboard.stripe.com/account/apikeys
# https://dashboard.stripe.com/test/apikeys
stripe:
  public_key: ''
  private_key: ''

  # For processing Stripe webhooks
  # https://dashboard.stripe.com/account/webhooks
  # Webhooks should be pointed to https://domain.com/webhooks/stripe
  signing_secret: ''

# Paddle Payments
# https://vendors.paddle.com/authentication
paddle:
  environment: '' # sandbox or production
  vendor_id: ''
  vendor_auth_code: ''

  # For processing Paddle webhooks
  # https://vendors.paddle.com/public-key (only base64: MII...==)
  # Webhooks should be pointed to https://domain.com/webhooks/paddle
  public_key_base64: ''

### Integrations

airbrake:
  # https://airbrake.io
  project_id: ''
  project_key: ''

appsignal:
  # https://appsignal.com App -> App Settings -> Push & deploy -> Push key
  api_key: ''

bugsnag:
  # https://app.bugsnag.com/settings -> Projects -> API Key
  api_key: ''

convertkit:
  # https://app.convertkit.com/account/edit#account_info
  api_key: ''
  api_secret: ''

drip:
  # https://www.getdrip.com/user/edit
  api_key: ''
  account_id: ''

honeybadger:
  # https://www.honeybadger.io/
  api_key: ''

intercom:
  # https://intercom.io
  # You can find this at Settings > Installation > Web
  app_id: ''

  # Optional, used for Identity Verification
  # You can find this at Settings > Installation > Security > Enforce identity on web
  api_secret: ''

mailchimp:
  # https://mailchimp.com/
  api_key: ''

scout:
  # https://scoutapm.com/
  api_key: ''

sentry:
  # https://sentry.io
  dsn: ''

skylight:
  # https://skylight.io
  # This should be the long 40+ character token from Settings, _not_ the short setup token
  # You can click "create the application manually" when setting up a new Skylight app to skip the setup token step and get your auth_token
  auth_token: ''

rollbar:
  # https://rollbar.com/
  access_token: ''
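
The Environment Credentials section notes that separate files help you avoid using development keys in production. The following added example (not part of Jumpstart Pro or Rails) audits two decrypted credentials hashes for values shared between environments and for provider sections that are only partly filled in. The function names, the `TEMPLATE_DEFAULTS` list, and all sample values are assumptions constructed for illustration.

```ruby
# Added example, not Jumpstart Pro code. Non-secret values the template ships with:
TEMPLATE_DEFAULTS = %w[apikey SMTP_Injection true example.com].freeze

# Flatten to { "omniauth.github.private_key" => "value" }, dropping template defaults.
def flatten_credentials(hash, prefix = nil)
  hash.each_with_object({}) do |(key, value), out|
    path = [prefix, key].compact.join(".")
    if value.is_a?(Hash)
      out.merge!(flatten_credentials(value, path))
    elsif !TEMPLATE_DEFAULTS.include?(value.to_s)
      out[path] = value.to_s.strip
    end
  end
end

# Key paths holding the same non-blank value in both environments.
def shared_secrets(env_a, env_b, allow: [])
  other = flatten_credentials(env_b)
  flatten_credentials(env_a).filter_map do |path, value|
    path if !value.empty? && other[path] == value && !allow.include?(path)
  end
end

# Sections (stripe, omniauth.github, ...) with some keys set and others blank.
def half_configured(creds)
  sections = flatten_credentials(creds).group_by { |path, _| path.rpartition(".").first }
  sections.filter_map do |section, pairs|
    next if section.empty? # top-level scalars such as secret_key_base
    set = pairs.count { |_, value| !value.empty? }
    section if set.positive? && set < pairs.size
  end
end

# Constructed stand-ins for two environments' decrypted credentials.
DEVELOPMENT = {
  secret_key_base: "constructed-dev-base",
  stripe: { public_key: "pk-dev", private_key: "sk-dev", signing_secret: "" },
  sendgrid: { username: "apikey", password: "", domain: "example.com" },
  omniauth: { github: { public_key: "", private_key: "" } }
}.freeze
PRODUCTION = {
  secret_key_base: "constructed-prod-base",
  stripe: { public_key: "pk-prod", private_key: "sk-dev", signing_secret: "wh-prod" },
  sendgrid: { username: "apikey", password: "constructed-pw", domain: "example.com" },
  omniauth: { github: { public_key: "constructed-id", private_key: "" } }
}.freeze

puts "shared: #{shared_secrets(DEVELOPMENT, PRODUCTION)}; half-configured: #{half_configured(PRODUCTION)}"
```

In a Rails app the input would be each environment's decrypted hash, for example `Rails.application.credentials.config` for the environment currently loaded. Use `allow:` for identifiers that are legitimately the same everywhere.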