I have a few web services that require secure tokens/keys/passwords to be passed in. Where should I define these secure values for my rails app 开发者_运维知识库to see? I want the development keys in version control, but don't want the production keys in version control. How should I set this up? I'm new to rails.
You see the question properly.
Put your passwords
and keys
in some yml file excluded from version control.
Then on your production server, create the very same file and symlink your app to it every time you deploy.
EDIT.
Capistrano is almost made to fits these needs:
put your
yml
files in theshared
folderIn your capistrano
deploy.rb
file:after 'deploy' do run "ln -s #{shared_path}/database.yml #{release_path}/config/database.yml" end
to work with yml files: http://railscasts.com/episodes/85-yaml-configuration-file
apneadiving is right, symlinking the files is a good idea. Another approach is to put the keys in the shell variables, accessible only to the user that runs the app. Then, in your rails app you'll have
login = ENV['SERVICE_LOGIN']
password = ENV['SERVICE_PASSWORD']
As of Rails 4.1.0, check out secrets.yml.
精彩评论