On 07.10.2015 15:50, Henk van Tijen wrote: > Hi, I am wondering how to organize the storage of sensitive info: > database passwords, account tokens, the Mojo secret, smtp login and so > on. Especially as you want to share your code (Github) you have to be > careful not to push your sensitive info to a public repository. > On the other hand, the _structure_ of the secrets file (a dummy) must be > pushed to the repository and kept up to date as well.
We (Unix servers & services group, university data center) have a simple homespun module with a getsecret($filename, $key) function that looks up secret information in a file, usually $HOME/etc/secrets in the application's user account. We use it in lots of different applications, so we use it in Mojolicious as well. The only thing about the secrets that is in the Mojo configuration is the location of the secrets file, although that could even be hard-coded. Regards, Juergen. -- <[email protected]> Tel +49.30.838-50740 Fax -450740 Zentraleinrichtung fuer Datenverarbeitung, Central Systems (Unix) Freie Universitaet Berlin, Fabeckstrasse 32, 14195 Berlin, DE -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
