How do I create a group of environment variables that can be used both locally in development and on Heroku using Rails 6?
There are many different ways to configure environment variables, and people have many different preferences.
Personally, for my local development, I typically use the dotenv gem. I'll git-ignore .env, but I'll add a .env.example with all the vars I need stubbed out.
Then in my local checkout(s), I'll cp .env.example .env, and I will edit that .env file for all of my local configuration.
dotenv-rails includes a railtie to load environment variables from the .env file if they have not already been supplied as real env vars.
When I deploy to Heroku, I just use the Heroku console or GUI to set up my environment variables there.
Rails credentials work great and they don't require any extra gems and keep all your app secrets in one location.
EDITOR=vim rails credentials:edit
You can access any variable you set in this encrypted file by Rails.application.credentials.name_of_key. Typically, your .gitignore file will exclude the master.key file, so to make it accessible on a cloud provider, you'd provide the single key as an environment variable for decryption.
Related
I have a sapper project which contains various database secrets and such... So for local development I want to load a .env which contains the secrets. I am aware of dotenv. How do I use dotenv to load the .env file only on my local machine and not on my deployment in cloud run.
Add .env to your .gitignore file.
This way, it won't get deployed to the cloud when you do a git push.
Then go into your cloud provider and set your production environmental variables.
Rather than using the dotenv package you can use the dotenv-cli. You install it globally and modify the dev npm command and prefix it with dotenv. The cli will locate the .env file and then run the sapper dev command with the environment variables set.
Add another command for production without the dotenv prefix so it uses the environment variables on the machine.
I'm currently writing a couple Twitter bots for my friends using the Twitter gem for Ruby. My plan was to store the keys for them in a .txt file with the rest of the bot's code on my server, but everything I've read has said the keys shouldn't be readable within the code. Is this secure enough, and if not what would be a good solution? Thanks!
A common approach is to save the environment variables into a file called .env that is ignored by version control (and therefore won't be included on Github) but read by the code. One gem to help with this is dotenv.
add .env to the .gitignore file.
create a local .env file with all your env vars
require 'dotenv' and put Dotenv.load somewhere at the beginning of your script. In Rails, the require is unnecessary and you can place the load call in any file in the config/initializers folder
Check that your app works fine locally. The environment variables should be found in the ENV hash from Ruby code.
Save changes and push new version of app to digital ocean
manually create the .env file on the digital ocean server, in the root of the repo
run digital ocean server and check that everything works.
other notes:
see How To Read and Set Environmental and Shell Variables on a Linux VPS
some platforms like heroku have a different mechanism for setting environment variables, such as heroku config:set or web UIs.
You can set environment variables on a one-off basis using the env command in bash, for example:
env a=hello b=' world' ruby -e 'puts ENV["a"] + ENV["b"]'
# => hello world
This can give a quick way to configure a program without getting into argument parsing. For example in Rails, you can say rails c test to open a console using the test environment, but env RAILS_ENV=test rails c should do the same thing.
I'm having some issues with SECRET_KEY_BASE setting on our production Ubuntu server with Unicorn and nginx. I added the variable to .bashrc and its reading fine when I try echo $SECRET_KEY_BASE, but for some reason I'm getting the following error:
app error: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` (RuntimeError)
Also, when I try to access the variable with ENV["SECRET_KEY_BASE"] from within the console in production environment, I can read it fine.
I tried restarting Unicorn and server and it doesn't help. Any idea why this is happening?
You may need to add the variables to the unicorn.conf file, since it seems you are launching Unicorn with a different user or without sourcing your .bashrc.
In any case, I suggest you use dotenv gem to store your env variables in a .env file within your project. That is the cleanest way I know. If you need to have capistrano integration and handle all the different environments with ease, you can also use dotenv-deployment gem.
I have a Play! application which is on Heroku.
My config file is different between my local application and the same on Heroku. Especially for the URL of my MongoDB base.
On localhost my base address is 127.0.0.1 and on heroku it's on MongoHQ. So when I push my application to Heroku I modify my config file.
But some times, like this morning Heroku change the config file. I pushed my application correctly configured on Heroku this morning and everything worked until now.
When I watch the logs I see that Heroku changed my config and try to connect to my local MongoDB base.
Is someone knowing what ? I hope I'm clear :)
Thanks everybody !
If there are differences in your application in different environments (e.g. local vs production), you should be using assigning the values with environment variables. For Play apps, you can use environment variables in your application.conf file, like this:
`mongo.url=${MONGO_URL}`
Then, on Heroku you can set the environment variables with config vars, like this (note, this may already be assigned for you by the add-on provider):
$ heroku config:add MONGO_URL=...
Locally, you can use Foreman to run your application with the environment variables stored in an .env file in your project root.
I want to set MONGOHQ_URL in my sinatra app in order to be able to do this:
uri = URI.parse(ENV['MONGOHQ_URL'])
How do I setup the MONGOHQ_URL?
on Windows: set MONGOHQ_URL=test
on Unix (bash): export MONGOHQ_URL=test
on Unix (csh): setenv MONGOHQ_URL test
In order for your environment variables to always be available to your app, you will need to make sure they get exported whenever a new terminal session launches. It's common to put these in .bashrc for example
export MONGOHQ_URL=https://some.long.secure.url # for example
But for your local development purposes you might want to check out dotenv gem which allows you to store local environment variables in .env file in root of your project. For production, you should be able to Figaro with Sinatra, for more see answer to this question or see readme on the github repo
In general you should always make sure not to commit sensitive config information in your codebase so make sure to add any files like .env or config/application.yml to your .gitignore file.