Stripe and Amazon S3 credentials are a couple of common
examples of sensitive information that you will frequently store
in your app. I've found that the easiest way to store / access
this information in your app is through environment variables,
and that the best way to manage these values across various apps
is with dotenv
- specifically with dotenv-rails
for Rails
apps.
Just add dotenv-rails
to your Gemfile
gem 'dotenv-rails', groups: [:development, :test]
Create a file named .env
in your project root and set any variable in it
like so:
VARIABLE_NAME=some-value-here
And lastly, add this to your .gitignore
so that you do not commit your
super secret credentials.
.env
If you are using Heroku, setting the environment variables on your
server is as simple as heroku config:set VARIABLE_NAME=value
, or you
can just use the heroku-config
gem to push your local environment variables defined in .env
with
heroku config:push
(see more details in the Gem docs).
If you are using a VPS, such as DigitalOcean, you will have to configure
the environment variables on the server in a different way. For example,
with Unicorn, modify /etc/default/unicorn
and add your config
there.