We’re currently making rapid changes to the product so our docs may be out of date. If you need help, please email firstname.lastname@example.org.
We currently use the following gems for configuring the application:
This gem is used for configuring environment variables for test and development environments. Examples:
Settings managed via your ENV can be found in
installation section of your operating system and viewed at
/admin/customization/config (see the Admin guide):
Tests always load the sample environment (and ignore the .env file). If you need to customize tests, add the environment variables to a file named .env.test.local. This prevents your development secrets from being present during test execution.
We use this gem for managing settings used within the app's business logic. Examples:
These settings can be accessed via the
object and various models in the
Settings:: namespace and viewed or modified
/admin/customization/config (see the Admin guide).
The vault Ruby gem allows us to interact with
Vault. In a nutshell, Vault is
a tool for securely storing and accessing secrets. It is completely optional for
running a Forem. To access it we use the wrapper
result = Vault.kv(namespace).read(key)&.data&.fetch(:value) if ENV["VAULT_TOKEN"].present?
result ||= ApplicationConfig[key]
def self.=(key, value)
Vault.kv(namespace).write(key, value: value)
We attempt to access a secret from Vault if it is enabled, i.e. if the
VAULT_TOKEN is present. If Vault is not enabled or if we cannot find the
secret in it, then we fallback to fetching the secret from the
One advantage of using Vault with Forem is that it allows you to update your secrets easily through the application rather than having to mess with ENV files. If you would like to try out Vault, follow our installation guide for setting it up locally.