aboutsummaryrefslogtreecommitdiffstats
path: root/railties/lib/rails/commands/encrypted/USAGE
diff options
context:
space:
mode:
Diffstat (limited to 'railties/lib/rails/commands/encrypted/USAGE')
-rw-r--r--railties/lib/rails/commands/encrypted/USAGE32
1 files changed, 19 insertions, 13 deletions
diff --git a/railties/lib/rails/commands/encrypted/USAGE b/railties/lib/rails/commands/encrypted/USAGE
index 667af85cd8..7ec3ebb5d7 100644
--- a/railties/lib/rails/commands/encrypted/USAGE
+++ b/railties/lib/rails/commands/encrypted/USAGE
@@ -1,22 +1,28 @@
=== Storing Encrypted Files in Source Control
-The Rails `encrypted` commands provide access to encrypted files.
+The Rails `encrypted` commands provide access to encrypted files or configurations.
+See the `Rails.application.encrypted` documentation for using them in your app.
+
+=== Encryption Keys
+
+By default, Rails looks for the encryption key in `config/master.key` or
+`ENV["RAILS_MASTER_KEY"]`, but that lookup can be overriden with `--key`:
+
+ rails encrypted:edit config/encrypted_file.yml.enc --key config/encrypted_file.key
+
+Don't commit the key! Add it to your source control's ignore file. If you use
+Git, Rails handles this for you.
=== Editing Files
-`rails encrypted:edit config/encrypted_file.yml.enc` opens a temporary file
-in `$EDITOR` with the decrypted contents of `config/encrypted_file.yml.enc` to
-edit. The encrypted key is either stored in `config/master.key`
-or `ENV["RAILS_MASTER_KEY"]` is used, but you can provide relative path
-to the encryption key by using `--key` option:
+To edit or create an encrypted file use:
+
+ rails encrypted:edit config/encrypted_file.yml.enc
-`rails encrypted:edit config/encrypted_file.yml.enc --key config/encrypted_file.key`.
+This opens a temporary file in `$EDITOR` with the decrypted contents for editing.
-=== Viewing files
+=== Viewing Files
-`rails encrypted:show config/encrypted_file.yml.enc` prints the decrypted contents of
-`config/encrypted_file.yml.enc` file. The encrypted key is either stored in `config/master.key`
-or `ENV["RAILS_MASTER_KEY"]` is used, but you can provide relative path
-to the encryption key by using `--key` option:
+To print the decrypted contents of an encrypted file use:
-`rails encrypted:show config/encrypted_file.yml.enc --key config/encrypted_file.key`.
+ rails encrypted:show config/encrypted_file.yml.enc
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-13 23:42:29 +0000