"app error: Missing `secret_token` and `secret_key_base` for 'production' environment"

  • Posted February 10, 2015

Using the 1-Click Ruby on Rails on Ubuntu 14.04 Image, I’m getting the following error on initial request to the app:

ERROR: app error: Missing `secret_token` and `secret_key_base` for 'production' environment, set these values in `config/secrets.yml` (RuntimeError)

my config/secrets.yml file includes the following:

# Do not keep production secrets in the repository,
# instead read values from the environment.
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
  secret_token: <%= ENV["SECRET_KEY_BASE"] %>

and I’ve set ENV["SECRET_KEY_BASE"]

stack: ‘rails’, ‘4.2.0’ ruby ‘2.1.3’ unicorn (4.8.3)

all my reading says that secret_token is no longer used in Rails 4.2.


I have the same with rails 4.1.1 env is set but error still appears (only sector key, no token)

I am having this same problem with same versions. Will wait with you.

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Include in /etc/default/unicorn export SECRET_KEY_BASE=your_code

I use this with capistrano. it works nice:

I create a file: config/local_env.yml, put my variables there

and then in application rb

config.before_configuration do env_file = File.join(Rails.root, ‘config’, ‘local_env.yml’) YAML.load( do |key, value| ENV[key.to_s] = value end if File.exists?(env_file) end

I can refute Unicorn not being able to read environment variables.

I am using a similar stack (rbenv, nginx, Unicorn) on CentOS machines and I set environment variables with rbenv-vars (although I have been using custom scripts in /etc/profile.d and they also worked like a charm).

I published an article about Rails and environment variables yesterday ( – while it does not solve your problem, it may point you in the right direction …

The solution is to set SECRET_KEY_BASE in /etc/apache2/envvars (ubuntu 14.04) or wherever your webserver’s environment variables are set.

The only solution I found was to put the secret_key_base && secret_token values directly into secrets.yml.

apparently Unicorn can’t read from the Environment Variables. (I have nothing to back that up, only conjecture and a comment on StackOverflow which identified that as a solution to a similar issue)