Hi, I am wondering how to organize the storage of sensitive info:
database passwords, account tokens, the Mojo secret, smtp login and so
on. Especially as you want to share your code (Github) you have to be
careful not to push your sensitive info to a public repository.
On the other hand, the _structure_ of the secrets file (a dummy) must be
pushed to the repository and kept up to date as well.
I can imagine putting these configuration secrets in the ENVironment or
use two config files, one for non-sensitive settings and one for
sensitive settings. (But Mojolicious::Plugin::Config supposes only 1
config file? Or many just use 1 config file, and keep a demo copy and
diffing those two to check before pushing changes to the repository?).
In both methods a gitignore must be configured to skip the file when
pushing your changes upstream, I gather.
Any pointers to the best (Mojo) practice welcome!
--
You received this message because you are subscribed to the Google Groups
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/mojolicious.
For more options, visit https://groups.google.com/d/optout.
