Skip to main content



We’re currently making rapid changes to the product so our docs may be out of date. If you need help, please email

We currently use the following gems for configuring the application:


This gem is used for configuring environment variables for test and development environments. Examples:


Settings managed via your ENV can be found in installation section of your operating system and viewed at /admin/customization/config (see the Admin guide):

Screenshot of env variable admin interface

Tests always load the sample environment (and ignore the .env file). If you need to customize tests, add the environment variables to a file named .env.test.local. This prevents your development secrets from being present during test execution.


We use this gem for managing settings used within the app's business logic. Examples:

  • Settings::General.main_social_image
  • Settings::RateLimit.follow_count_daily
  • Settings::Authentication.twitter_secret

These settings can be accessed via the Settings::General object and various models in the Settings:: namespace and viewed or modified via /admin/customization/config (see the Admin guide).

Screenshot of site configuration admin interface


The vault Ruby gem allows us to interact with Vault. In a nutshell, Vault is a tool for securely storing and accessing secrets. It is completely optional for running a Forem. To access it we use the wrapper AppSecrets.

class AppSecrets
def self.[](key)
result = Vault.kv(namespace).read(key)&.data&.fetch(:value) if ENV["VAULT_TOKEN"].present?
result ||= ApplicationConfig[key]

rescue Vault::VaultError

def self.[]=(key, value)
Vault.kv(namespace).write(key, value: value)

def self.namespace
private_class_method :namespace

We attempt to access a secret from Vault if it is enabled, i.e. if the VAULT_TOKEN is present. If Vault is not enabled or if we cannot find the secret in it, then we fallback to fetching the secret from the ApplicationConfig.

One advantage of using Vault with Forem is that it allows you to update your secrets easily through the application rather than having to mess with ENV files. If you would like to try out Vault, follow our installation guide for setting it up locally.