本文是小编为大家收集整理的关于在Rails应用程序中安全地提供数据库密码的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。
问题描述
如您所知,您必须为config/database.yml文件中的数据库提供正确的数据库名称,用户名和密码,或者您的Rails应用程序将拒绝工作.
在默认设置中,您的密码在config/database.yml文件中使用纯文本.如果您的应用程序位于免费的GITHUB存储库中,则您的密码是公共信息.对于严重的应用程序而言,这不是可行的选择. (只要您不将此密码用于其他任何内容,都可以进行教程练习.)
我有一个解决方案到目前为止对我有用的解决方案,但是我想知道是否有更好的东西.您可以在 https://github.com/jhsu802701/bsf .
上看到我部署的示例.我要做的是设置config/database.yml文件,以编程为开发环境提供用户名和密码.对于开发环境,我将命令添加到config/database.yml脚本以获取开发环境用户名(这是我使用的Debian Linux设置的常规用户名)和一个空白密码. (我给我的用户名postgres superuser特权.)对于生产环境,我在部署脚本中添加了一个命令,该命令从我的帐户上其他地方的文件中获取用户名和密码,并将此信息写入config/database.yml文件.
有更好的解决方案吗?
有没有覆盖此的红宝石宝石?如果没有,我正在考虑创建一个.
推荐答案
Heroku做到的方式,而绝大多数其他铁路商店都与Env变量
将两个变量导出到您的环境,
export POSTGRES_USERNAME='username' export POSTGRES_PASSWORD='password'
然后在数据库中.您可以做
username: <%= ENV['POSTGRES_USERNAME'] %> password: <%= ENV['POSTGRES_PASSWORD'] %>
其他推荐答案
这就是我使其工作的方式:
在终端/cmd上:
heroku config:set YOUR_DATABASE_PASSWORD=passywordy
然后,在/config/database.yml file;
production: <<: *default password: <%= ENV['YOUR_DATABASE_PASSWORD'] %>
(当我使用Rails New My_App -d PostgreSQL时,将自动生成此密码区域)
其他推荐答案
除了Heroku导出以外,您将变量变量(Linux)通过输入bash(linux) export KEY=value 然后,您可以通过ENV['KEY']
将其称为Rails例如.
在狂欢中:
export CMS_DATABASE_PASSWORD=MySecurePassword
在secrets.ym中:
password: <%= ENV['CMS_DATABASE_PASSWORD'] %>
问题描述
As you know, you MUST provide the correct database name, username, and password for the database in the config/database.yml file, or your Rails app will refuse to work.
In the default setup, your password is in plain text in the config/database.yml file. If your app is on a free GitHub repository, then your password is public information. This is not a viable option for a serious app. (It's OK for a tutorial exercise, provided that you don't use this password for anything else.)
I have a solution that has worked for me so far, but I'm wondering if there is something better. You can see my deployed example at https://github.com/jhsu802701/bsf .
What I do is set up the config/database.yml file to provide the username and password for the development environment programatically. For the development environment, I add commands to the config/database.yml script to acquire the development environment username (which is my regular username for the Debian Linux setup I use) and a blank password. (I give my username Postgres superuser privileges.) For the production environment, I add a command in the deployment script that acquires the username and password from files elsewhere on my account and writes this information to the config/database.yml file.
Is there a better solution?
Is there a Ruby gem that covers this? If not, I'm thinking of creating one.
推荐答案
The way that heroku does it, and a vast majority of other rails shops are with ENV variables
Export two variables to your environment,
export POSTGRES_USERNAME='username' export POSTGRES_PASSWORD='password'
then in your database.yml file you can do
username: <%= ENV['POSTGRES_USERNAME'] %> password: <%= ENV['POSTGRES_PASSWORD'] %>
其他推荐答案
This is how I make it work:
On terminal/cmd:
heroku config:set YOUR_DATABASE_PASSWORD=passywordy
Then, in /config/database.yml file;
production: <<: *default password: <%= ENV['YOUR_DATABASE_PASSWORD'] %>
(this password area is automatically generated when I used rails new my_app -d postgresql)
其他推荐答案
On other than heroku export you variables to system environment (linux) by typing in bash export KEY=value Then you can call it in Rails by ENV['KEY']
e.g.
in bash:
export CMS_DATABASE_PASSWORD=MySecurePassword
in secrets.yml:
password: <%= ENV['CMS_DATABASE_PASSWORD'] %>
更多相关问答
联系站长