开发者

Rails 3 email password in environment.rb? Push to git safe?

开发者 https://www.devze.com 2023-03-08 19:06 出处:网络
I am certain that I should not publish my email password to the public git repository in the env开发者_运维问答ironment.rb file.Is there a way to avoid this without including the entire file in the .g

I am certain that I should not publish my email password to the public git repository in the env开发者_运维问答ironment.rb file. Is there a way to avoid this without including the entire file in the .gitignore?


You could save your email credentials within another file config/email.credentials.yml:

host: ...
username: ...
password: ...
...

and within your environment.rb file just load them with (for example):

YAML.load_file("#{Rails.root}/config/email.credentials.yml")['username']

then you would mention the credentials file within the .gitignore file.

Additionally, if you deploy the app on several servers, you might check that the file exists within an initializer and otherwise raise an error. So you make sure the app doesn't start unless the mail config file is present.


I also discovered another method which might even be easier:

config/initializers/setup_mail.rb. In there put the following for gmail apps (example):

ActionMailer::Base.smtp_settings = {
  :enable_starttls_auto => true,
  :address => 'smtp.gmail.com',
  :port => 587,
  :domain => 'domain.name',
  :authentication => :plain,
  :user_name => 'namd@domain.name',
  :password => 'secret'
}

Then just add to .gitignore file. This way you only edit 2 (rather than 3) files.


That is what I use:

instance_eval File.read "#{ Rails.root }/config/confidential.rb"

and confidential.rb is a file like:

config.pass1 = '1234'
config.pass2 = '54r235'
0

精彩评论

暂无评论...
验证码 换一张
取 消