Store Let's Encrypt private key in settings

Storing this key in secrets.yml was a bad idea,
it would require users using HA setups to manually
replicate secrets across nodes during update,
it also needed support from omnibus package

* Revert "Generate Let's Encrypt private key"
  This reverts commit 444959bfa0b79e827a2a1a7a314acac19390f976.

* Add Let's Encrypt private key to settings
  as encrypted attribute

* Generate Let's Encrypt private key
  in database migration

1 files changed, 0 insertions, 11 deletions

diff --git a/spec/initializers/secret_token_spec.rb b/spec/initializers/secret_token_spec.rb
index 77bc28a6b07..726ce07a2d1 100644
--- a/spec/initializers/secret_token_spec.rb
+++ b/spec/initializers/secret_token_spec.rb
@@ -45,21 +45,11 @@ describe 'create_tokens' do
         expect(keys).to all(match(RSA_KEY))
       end
 
-      it "generates private key for Let's Encrypt" do
-        create_tokens
-
-        keys = secrets.values_at(:lets_encrypt_private_key)
-
-        expect(keys.uniq).to eq(keys)
-        expect(keys).to all(match(RSA_KEY))
-      end
-
       it 'warns about the secrets to add to secrets.yml' do
         expect(self).to receive(:warn_missing_secret).with('secret_key_base')
         expect(self).to receive(:warn_missing_secret).with('otp_key_base')
         expect(self).to receive(:warn_missing_secret).with('db_key_base')
         expect(self).to receive(:warn_missing_secret).with('openid_connect_signing_key')
-        expect(self).to receive(:warn_missing_secret).with('lets_encrypt_private_key')
 
         create_tokens
       end
@@ -88,7 +78,6 @@ describe 'create_tokens' do
       before do
         secrets.db_key_base = 'db_key_base'
         secrets.openid_connect_signing_key = 'openid_connect_signing_key'
-        secrets.lets_encrypt_private_key = 'lets_encrypt_private_key'
 
         allow(File).to receive(:exist?).with('.secret').and_return(true)
         allow(File).to receive(:read).with('.secret').and_return('file_key')