[LRUG] How do you manage secrets in Rails apps?

Josh McMillan josh at joshmcmillan.co.uk
Tue Sep 23 11:16:17 PDT 2014

Generally speaking, I’ll use dotenv in development. You can easily export your Heroku environment config in that format if necessary (“heroku config --shell > .env”), which can occasionally be quite convenient (albeit obviously rather dangerous — you don’t want to accidentally be fiddling with your production database with a “rails c").

In production, that’s platform dependent. If Heroku, then obviously “heroku config”. If something else (lately I’ve been fiddling with AWS OpsWorks), I’ll typically write to /etc/environment on deploy.

I’m interested to see how dotenv-deployment could be used in production. Never used it in anger, and not sure what benefits it provides over writing to a system-wide file like /etc/environment.

Josh McMillan

On 23 September 2014 at 19:06:23, Phil Nash (philnash at gmail.com) wrote:

I've been thinking a lot recently about application secrets like API or database credentials and how they are stored in different environments for Rails apps. I was hoping that you lovely LRUG member could share how you deal with this yourself.

Currently I only tend to deploy apps to Heroku, so I use environment variables throughout the app, loaded in development/test environments with the envyable gem, though figaro would do the same job.

So, what I'm asking is, if you use environment variables for config in your applications how do you load them in both development and production environments?



Phil Nash
Chat mailing list  
Chat at lists.lrug.org  
Archives: http://lists.lrug.org/pipermail/chat-lrug.org  
Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org  
List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20140923/cc854d38/attachment-0003.html>

More information about the Chat mailing list