I''ve created a small gem called multa_arcana (latin for "Many Secrets") which allows one to store all Rails secrets in one file, which should not be checked into revision control, but other files then can be. Source is on https://github.com/skandragon/multa_arcana Usage: add to Gemfile: gem ''multa_arcana'' Create a file to hold the secrets: config/secrets.yml While the filename can be changed, it is somewhat hard to do so without modifying a file that is loaded fairly early, like application.rb. I just use the default. Currently to change this, one must pass in a file to load on the first call to retrieve a secret. API suggestions welcome. Place in this file the various secrets your rails app needs to keep secret: db_username: john db_password: my-super-secret-db-password secret_token: lkasjdlkqjlkas...la9u9203udkd redis: redis://user:password-for-redis@host devise_pepper: 239ru2ij3jf9u02dhis...92930d02hdhdlka3 Use it wherever you need to: config/database.yml: production: adapter: postgresql encoding: unicode database: thing_production pool: 5 host: 127.0.0.1 username: <% MultaArcana::secret_for(:db_username) %> password: <% MultaArcana::secret_for(:db_password) %> config/initializers/secret_token.rb: Thing::Application.config.secret_token MultaArcana::secret_for(:secret_token) -- (Ruby, Rails, Random) blog: http://blog.flame.org/ -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Michael Graff wrote in post #1098246:> I''ve created a small gem called multa_arcana (latin for "Many Secrets") > which allows one to store all Rails secrets in one file, which should > not > be checked into revision control, but other files then can be. Source > is > on https://github.com/skandragon/multa_arcanaInteresting, but what advantage does this have over... https://github.com/binarylogic/settingslogic -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Probably none, but "settingslogic" didn''t appear in my search when I looked for ways to store secrets in a single file. :) -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
derek.mcneil90-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
2013-Feb-22 04:55 UTC
Re: Quick gem to help with passwords
Why not just use environment variables? -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/YkcEiBB8_3sJ. For more options, visit https://groups.google.com/groups/opt_out.
Michael Graff wrote in post #1098252:> Probably none, but "settingslogic" didn''t appear in my search when I > looked > for ways to store secrets in a single file. :)Sure there is advantage to writing your own gem. You wrote it, and shared it with the community. That''s AWESOME! I considered doing something similar, until I ran across SettingsLogic.> Posted by unknown (Guest) on 2013-02-22 09:05 > Why not just use environment variables?Yes, environment variables are certainly an option, but I really like the consistent API, and baked-in support for different environments that SettingLogic provides. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Because environment variables show up in process lists. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
derek.mcneil90-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
2013-Feb-24 15:22 UTC
Re: Re: Quick gem to help with passwords
If it''s an issue of security...if somebody is already looking at your processes, what''s keeping them from cd''ing to your application''s config directory and reading secrets.yml? On Saturday, February 23, 2013 8:02:05 PM UTC-6, M Graff wrote:> > Because environment variables show up in process lists. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/CCziVlnrA_AJ. For more options, visit https://groups.google.com/groups/opt_out.