Improve Docker setup (PR #497)

config/environments/production.rb

@@ -40,7 +40,7 @@ Foodsoft::Application.configure do
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  config.force_ssl = true
+  config.force_ssl = ENV["RAILS_FORCE_SSL"] != "false"
 
   # Set to :debug to see everything in the log.
   config.log_level = :info
@@ -49,7 +49,13 @@ Foodsoft::Application.configure do
   # config.log_tags = [ :subdomain, :uuid ]
 
   # Use a different logger for distributed setups.
-  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+  # https://github.com/heroku/rails_12factor/issues/25#issuecomment-231103483
+  if ENV["RAILS_LOG_TO_STDOUT"].present?
+    STDOUT.sync      = true
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger    = ActiveSupport::TaggedLogging.new(logger)
+  end
 
   # Use a different cache store in production.
   # config.cache_store = :mem_cache_store

config/initializers/secret_token.rb

@@ -0,0 +1,25 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Foodsoft::Application.config.secret_key_base = begin
+  if (token = ENV['SECRET_KEY_BASE']).present?
+    token
+  elsif Rails.env.production? || Rails.env.staging?
+    raise "You must set SECRET_KEY_BASE"
+  elsif Rails.env.test?
+    SecureRandom.hex(30) # doesn't really matter
+  else
+    sf = Rails.root.join('tmp', 'secret_key_base')
+    if File.exists?(sf)
+      File.read(sf)
+    else
+      puts "=> Generating initial SECRET_KEY_BASE in #{sf}"
+      token = SecureRandom.hex(30)
+      File.open(sf, 'w') { |f| f.write(token) }
+      token
+    end
+  end
+end

config/initializers/secret_token.rb.SAMPLE

@@ -1,10 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Your secret key for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-Foodsoft::Application.config.secret_key_base = 'you really really need to change me!'
-
-# When you're upgrading from Rails 3, it's ok to keep using `secret_token`.
-# http://api.rubyonrails.org/classes/ActionDispatch/Session/CookieStore.html