Thursday, February 21, 2013
I've created a small gem called multa_arcana (latin for "Many Secrets") which allows one to store all Rails secrets in one file, which should not be checked into revision control, but other files then can be. Source is on https://github.com/skandragon/multa_arcana
Usage:
add to Gemfile: gem 'multa_arcana'
Create a file to hold the secrets: config/secrets.yml
While the filename can be changed, it is somewhat hard to do so without modifying a file that is loaded fairly early, like application.rb. I just use the default. Currently to change this, one must pass in a file to load on the first call to retrieve a secret. API suggestions welcome.
Place in this file the various secrets your rails app needs to keep secret:
db_username: john
db_password: my-super-secret-db-password
secret_token: lkasjdlkqjlkas...la9u9203udkd
redis: redis://user:password-for-redis@host
devise_pepper: 239ru2ij3jf9u02dhis...92930d02hdhdlka3
Use it wherever you need to:
config/database.yml:
production:
adapter: postgresql
encoding: unicode
database: thing_production
pool: 5
host: 127.0.0.1
username: <% MultaArcana::secret_for(:db_username) %>
password: <% MultaArcana::secret_for(:db_password) %>
config/initializers/secret_token.rb:
Thing::Application.config.secret_token = MultaArcana::secret_for(:secret_token)
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment