From 82191b33831f26e071a27dd59ce2e46fb467589c Mon Sep 17 00:00:00 2001
From: Andrea Faulds <ajf@ajf.me>
Date: Wed, 23 Nov 2016 08:30:53 +0000
Subject: [PATCH] Explain application secrets (#217)

---
 .env.production.sample | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.env.production.sample b/.env.production.sample
index b68ba523cd..a3da10b979 100644
--- a/.env.production.sample
+++ b/.env.production.sample
@@ -14,6 +14,8 @@ LOCAL_DOMAIN=example.com
 LOCAL_HTTPS=true
 
 # Application secrets
+# These are arbitrary strings. They should be long and cryptographically secure.
+# For Docker, `docker-compose run --rm web rake secret` will generate them.
 PAPERCLIP_SECRET=
 SECRET_KEY_BASE=
 
-- 
GitLab