Chef is definitely overkill. If you are not deploying to heroku, then add the secret file to your .gitignore and create one on your server and local machine. I do that with my database.yml. I don't want everybody to know my mysql password, so i ignore my database.yml and my capistrano script copies that file on deploy.
If you are doing a heroku deploy, I'm not super sure how to proceed, maybe someone else can help you out. Maybe use two different git repos with one set as upstream of the other? On Fri, Dec 9, 2011 at 11:45 AM, Chris Radcliff <[email protected]>wrote: > I'm developing an open-source Rails app, and I'd like to make it > simple to specify secret configuration values when deploying a copy, > while making it difficult to accidentally check those values into a > repo. > > For example, the app has a Yahoo App ID for use with their APIs. My > default way to specify this is to add an initializer: > > config/initializers/secret_yahoo_app_ids.rb > ----------------- > # The Yahoo! API keys for use with this application > Ringsail::Application.config.yahoo_app_id = > 'SDOIUGSKJHGIOUYITSABUNCHOFRANDOMCHARACTERSDOIUGSKJHGS' > ----------------- > > To keep that out of the repo, I add it to .gitignore and hint at it > with a *.template file that looks like this: > > config/initializers/secret_yahoo_app_ids.rb.template > ----------------- > # The Yahoo! API keys for use with this application > Ringsail::Application.config.yahoo_app_id = 'ADD YOUR YAHOO ID HERE' > ----------------- > > Having a bunch of those sprinkled around the app is kind of a > nightmare for the deploying user to deal with. Is there a better place > to put a bunch of these values and keep them secret? Is that more of a > job for Chef? > > Thanks, > ~chris > > -- > SD Ruby mailing list > [email protected] > http://groups.google.com/group/sdruby -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby
