Skip to content

Step 3: Configure Storage

Overview

  • Configure config/storage.yml
  • Update config/environments/production.rb

Now that you have defined your secrets, you need to configure your application to use them. S3 is a popular choice for file storage, needs secrets to operate, and is used by the Depot application to store book cover images. Your app may have other needs, so just consider this an example.

Active Storage is the Rails way to use S3. Configure it using the environment variables you extracted from your password manager:

config/storage.yml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
test:
  service: Disk
  root: <%= Rails.root.join("tmp/storage") %>

local:
  service: Disk
  root: <%= Rails.root.join("storage") %>

hetzner:
  service: S3
  access_key_id: <%= ENV["ACCESS_KEY_ID"] %>
  secret_access_key: <%= ENV["SECRET_ACCESS_KEY"] %>
  endpoint: <%= ENV["ENDPOINT_URL"] %>
  region: <%= ENV["REGION"] %>
  bucket: <%= ENV["BUCKET_NAME"] %>

# Use bin/rails credentials:edit to set the AWS secrets
# (as aws:access_key_id|secret_access_key)
# amazon:
#   service: S3
#   access_key_id: <%= Rails.application.credentials
#                        .dig(:aws, :access_key_id) %>
#   secret_access_key: <%= Rails.application.credentials
#                            .dig(:aws, :secret_access_key) %>
#   region: us-east-1
#   bucket: your_own_bucket-<%= Rails.env %>

# Remember not to check in your GCS keyfile to a repository
# google:
#   service: GCS
#   project: your_project
#   credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
#   bucket: your_own_bucket-<%= Rails.env %>

# Use bin/rails credentials:edit to set the Azure Storage secret
# (as azure_storage:storage_access_key)
# microsoft:
#   service: AzureStorage
#   storage_account_name: your_account_name
#   storage_access_key: <%= Rails.application.credentials
#                 .dig(:azure_storage, :storage_access_key) %>
#   container: your_container_name-<%= Rails.env %>

# mirror:
#   service: Mirror
#   primary: local
#   mirrors: [ amazon, google, microsoft ]

Note: If you used the Rails credentials file, you can use the Rails.application.credentials hash to extract these values. The amazon example in this file uses this approach.

Next, update your config/environments/production.rb to use the S3 service:

config/environments/production.rb
# Store uploaded files in S3 object storage (see config/storage.yml for options).
config.active_storage.service = :hetzner

Finally, add the gem needed to access s3:

bundle add aws-sdk-s3