I'm currently writing a couple Twitter bots for my friends using the Twitter gem for Ruby. My plan was to store the keys for them in a .txt file with the rest of the bot's code on my server, but everything I've read has said the keys shouldn't be readable within the code. Is this secure enough, and if not what would be a good solution? Thanks!
A common approach is to save the environment variables into a file called .env that is ignored by version control (and therefore won't be included on Github) but read by the code. One gem to help with this is dotenv.
add .env to the .gitignore file.
create a local .env file with all your env vars
require 'dotenv' and put Dotenv.load somewhere at the beginning of your script. In Rails, the require is unnecessary and you can place the load call in any file in the config/initializers folder
Check that your app works fine locally. The environment variables should be found in the ENV hash from Ruby code.
Save changes and push new version of app to digital ocean
manually create the .env file on the digital ocean server, in the root of the repo
run digital ocean server and check that everything works.
other notes:
see How To Read and Set Environmental and Shell Variables on a Linux VPS
some platforms like heroku have a different mechanism for setting environment variables, such as heroku config:set or web UIs.
You can set environment variables on a one-off basis using the env command in bash, for example:
env a=hello b=' world' ruby -e 'puts ENV["a"] + ENV["b"]'
# => hello world
This can give a quick way to configure a program without getting into argument parsing. For example in Rails, you can say rails c test to open a console using the test environment, but env RAILS_ENV=test rails c should do the same thing.
Related
Heroku docs indicate that "On a traditional host or when working locally, you often set environment variables in your .bashrc file. On Heroku, you use config vars". On Dokku the process is analogous: https://dokku.com/docs/configuration/environment-variables/
With the "traditional" method I can take a .env file append it's contents to .bashrc over ssh with a single automated standard unix command.
The Heroku docs only describe how to set "config vars" one by one. It would take unacceptably long to do this.
On Heroku one could perhaps use the api. But Dokku does not have an API.
Question is similar to Setting Dokku environment variables
The accepted answer there speaks about a local CLI for dokku where you can run $ dokku config:set:file <path/to/.env>. I can't find documentation on this command with "standard" dokku. I don't need a local CLI I can ssh and scp to my server.
Question is similar to Bulk set the environment variables in Heroku pipeline except that I don't know what a Heroku pipeline is and I'm not using one (and the question has no answer).
Is there a mechanism short of creating a bash script or installing a local Dokku CLI for bulk updating config vars in Heroku based on a .env file with a long list of variables?
Sure, use heroku config:set ENV_ONE=value ENV_TWO=value ENV_THREE=value from the heroku CLI in your terminal.
Make sure it's all a single line, use spaces, not line breaks.
How do I create a group of environment variables that can be used both locally in development and on Heroku using Rails 6?
There are many different ways to configure environment variables, and people have many different preferences.
Personally, for my local development, I typically use the dotenv gem. I'll git-ignore .env, but I'll add a .env.example with all the vars I need stubbed out.
Then in my local checkout(s), I'll cp .env.example .env, and I will edit that .env file for all of my local configuration.
dotenv-rails includes a railtie to load environment variables from the .env file if they have not already been supplied as real env vars.
When I deploy to Heroku, I just use the Heroku console or GUI to set up my environment variables there.
Rails credentials work great and they don't require any extra gems and keep all your app secrets in one location.
EDITOR=vim rails credentials:edit
You can access any variable you set in this encrypted file by Rails.application.credentials.name_of_key. Typically, your .gitignore file will exclude the master.key file, so to make it accessible on a cloud provider, you'd provide the single key as an environment variable for decryption.
I've tried many different solutions on the web for this problem, but all have been unsuccessful.
Here's the problem: My app needs to know whether it is being run on Heroku (production mode) or locally (development mode). For this purpose, we want to use environment variables. I've understood that environment variables on Heroku can be set in a .env file. So my attempt was to run heroku run bash -a <app-name> and then to install vim by doing this:
mkdir ~/vim
cd ~/vim
# Staically linked vim version compiled from https://github.com/ericpruitt/static-vim
# Compiled on Jul 20 2017
curl 'https://s3.amazonaws.com/bengoa/vim-static.tar.gz' | tar -xz
export VIMRUNTIME="$HOME/vim/runtime"
export PATH="$HOME/vim:$PATH"
cd -
Apart from crashing repeatedly, vim didn't work anymore when I logged in and out of the shell:
~ $ vim // in the heroku shell
vim: error while loading shared libraries: libXt.so.6: cannot open shared object file: No such file or directory
I also tried heroku plugins:install heroku-vim but running heroku vim after that only resulted in a long delay followed by the normal heroku shell opening, no vim.
I don't really care if I get vim to work. I just want to be able to write in a file named .env on Heroku so I can set environment variables in it.
How can I achieve this?
There is no need for an .env file on Heroku. In fact, such a file won't work very well since
Heroku gets all of its files from your Git repository,
has an ephemeral filesystem, meaning that changes to files like .env will be quickly lost, and
the .env file won't be available on other dynos if you scale your app
As such, creating an .env file on Heroku isn't a good approach.
Instead, you can use its built-in support for environment variables, using heroku config:set <var> <value> or its web UI. Either way, you'll get a regular environment variable.
It is fairly simple.
Just as you added them in your .env file, do the same with heroku's command line and you will see heroku restart and you are all set to fly again.
Just use the command :
(heroku config:set VARIABLE=this_is_the_value)
Remember to use the underscores in the value as spaces are not allowed not inverted quotes (" ")to turn it into a single string is permissible.
I created a rails app that is hosted on Heroku. Now I want to upload a ruby script that will populate my database.
This script already exists and is using
PGconn.connect( :hostaddr=>"127.0.0.1", :port=>5432, :dbname=>"myDB", :user=>"MyUser", :password=>'MyPass');
This will obviously not work on Heroku.
I tried to get it using:
Rails.configuration.database_configuration
But I get
uninitialized constant Rails
How can I get the information so I can connect to my Heroku DB? Is there any way to make the same code wotk both on my localhost and on Heroku?
(ps: I am using foreman and the .ENV file, if it helps)
Edit:
The solution I took:
require 'yaml'
require 'erb'
config = YAML.load(ERB.new(File.read(File.join("config","database.yml"))).result)
In config I have all the information I need to perform the DB access.
Why would you not just access ENV['DATABASE_URL'] and break it up into the constituent parts? To see how this is done, if you do heroku run bash and do cat config\database.yml you will see how Heroku does this itself.
To ensure that locally it works as well if you execute via foreman run <Scriptname> then it will be executed and the contents of your .env will be loaded.
I want to set MONGOHQ_URL in my sinatra app in order to be able to do this:
uri = URI.parse(ENV['MONGOHQ_URL'])
How do I setup the MONGOHQ_URL?
on Windows: set MONGOHQ_URL=test
on Unix (bash): export MONGOHQ_URL=test
on Unix (csh): setenv MONGOHQ_URL test
In order for your environment variables to always be available to your app, you will need to make sure they get exported whenever a new terminal session launches. It's common to put these in .bashrc for example
export MONGOHQ_URL=https://some.long.secure.url # for example
But for your local development purposes you might want to check out dotenv gem which allows you to store local environment variables in .env file in root of your project. For production, you should be able to Figaro with Sinatra, for more see answer to this question or see readme on the github repo
In general you should always make sure not to commit sensitive config information in your codebase so make sure to add any files like .env or config/application.yml to your .gitignore file.