If you're already using Chef, putting configs in a data bag is a great way to go.
I use a combination of rbenv, rbenv-vars ( https://github.com/sstephenson/rbenv-vars), and chef to push the latest vars out to the servers and ensure that they are loaded into ENV for use by the application. Totally overkill on a small setup, but awesome when you're pushing to a larger cluster. James On Fri, Dec 9, 2011 at 12:09 PM, Rafael MVC <[email protected]> wrote: > Chef is definitely overkill. > If you are not deploying to heroku, then add the secret file to your > .gitignore and create one on your server and local machine. > I do that with my database.yml. I don't want everybody to know my mysql > password, so i ignore my database.yml and my capistrano script copies that > file on deploy. > > If you are doing a heroku deploy, I'm not super sure how to proceed, maybe > someone else can help you out. Maybe use two different git repos with one > set as upstream of the other? > > > > On Fri, Dec 9, 2011 at 11:45 AM, Chris Radcliff > <[email protected]>wrote: > >> I'm developing an open-source Rails app, and I'd like to make it >> simple to specify secret configuration values when deploying a copy, >> while making it difficult to accidentally check those values into a >> repo. >> >> For example, the app has a Yahoo App ID for use with their APIs. My >> default way to specify this is to add an initializer: >> >> config/initializers/secret_yahoo_app_ids.rb >> ----------------- >> # The Yahoo! API keys for use with this application >> Ringsail::Application.config.yahoo_app_id = >> 'SDOIUGSKJHGIOUYITSABUNCHOFRANDOMCHARACTERSDOIUGSKJHGS' >> ----------------- >> >> To keep that out of the repo, I add it to .gitignore and hint at it >> with a *.template file that looks like this: >> >> config/initializers/secret_yahoo_app_ids.rb.template >> ----------------- >> # The Yahoo! API keys for use with this application >> Ringsail::Application.config.yahoo_app_id = 'ADD YOUR YAHOO ID HERE' >> ----------------- >> >> Having a bunch of those sprinkled around the app is kind of a >> nightmare for the deploying user to deal with. Is there a better place >> to put a bunch of these values and keep them secret? Is that more of a >> job for Chef? >> >> Thanks, >> ~chris >> >> -- >> SD Ruby mailing list >> [email protected] >> http://groups.google.com/group/sdruby > > > -- > SD Ruby mailing list > [email protected] > http://groups.google.com/group/sdruby > -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby
