Ad
What Is A Good Way Of Hiding Mysql2 Password When Deploying With Capistrano
So, here is my capistrano file
load 'deploy/assets'
require "bundler/capistrano"
set :application, "XXXXXX"
set :repository, "XXXXXX"
set :scm, :git # You can set :scm explicitly or Capistrano will make an intelligent guess based on known version control directory names
# Or: `accurev`, `bzr`, `cvs`, `darcs`, `git`, `mercurial`, `perforce`, `subversion` or `none`
set :repository , "XXXXXX"
role :web, "XXXXXX" # Your HTTP server, Apache/etc
role :app, "XXXXXX" # This may be the same as your `Web` server
role :db, "XXXXXX", :primary => true # This is where Rails migrations will run
#role :db, "your slave db-server here"
set :user, 'root'
set :use_sudo, false
set :deploy_to, "/var/www/#{application}"
set :deploy_via, :remote_cache
set :normalize_asset_timestamps, false
# if you want to clean up old releases on each deploy uncomment this:
# after "deploy:restart", "deploy:cleanup"
# if you're still using the script/reaper helper you will need
# these http://github.com/rails/irs_process_scripts
# If you are using Passenger mod_rails uncomment this:
namespace :deploy do
task :start do ; end
task :stop do ; end
task :restart, :roles => :app, :except => { :no_release => true } do
run "touch #{File.join(current_path,'tmp','restart.txt')}"
end
end
Now when i run cap deploy i get an error
Access denied for user 'root'@'localhost' (using password: NO)
I am assuming thats because my database.yml file is
development:
adapter: sqlite3
database: db/development.sqlite3
pool: 5
timeout: 5000
# Warning: The database defined as "test" will be erased and
# re-generated from your development database when you run "rake".
# Do not set this db to the same as development or production.
test:
adapter: sqlite3
database: db/test.sqlite3
pool: 5
timeout: 5000
production:
adapter: mysql2
encoding: utf8
database: XXXXX
username: root
password:
socket: /tmp/mysql.sock
Now since i have a public github account. I dont want to pass in my password and publish it to a github. And if I dont pass in the password i am unable to deploy the app.
What is a good way to handle this problem?
Thanks
Ad
Answer
I would recommend the following:
- Move
config/database.ymltoconfig/database.yml.samplein your repo - Remove any sensitive information in
config/database.yml.sample, such as passwords, and
commit the "sample" config file to your repo. - Add
config/database.ymlto your.gitignorefile, so it cannot be committed to the repo - On your server, manually copy
config/database.yml.sampletoconfig/database.ymlin yourshared/directory that Capistrano creates for you. This should be done after you run thecap deploy:setupcommand, which creates the top-levelsharedandreleasesdirectories. This should just be done once, manually, when setting up your application. - In
shared/config/database.ymlon the server, fill in the actual DB details, including passwords.chmodthe file so it isn't readable by those who should not have access. Add the following to your deploy script:
namespace(:customs) do task :symlink_db, :roles => :app do run <<-CMD ln -nfs #{shared_path}/config/database.yml #{release_path}/config/database.yml CMD end end after "deploy:update_code", "customs:symlink_db"
Ad
source: stackoverflow.com
Related Questions
- → Trigger a click with jQuery using link_to of rails 4
- → Adding html data attribute to simple_forms input
- → How to remove parameters from the root URL if it does I18n
- → passing parameters to rails back end from an ajax call
- → Blocking ?page= in robots.txt
- → react js and rails Updating state on a component with active record relationship
- → Kaminari How to process routes as javascript
- → State not passed into prop
- → Cannot read property 'modalIsOpen' of undefined
- → Objects not valid issue
- → How to map API params to model
- → Consuming webhooks shopify-api
- → How to add ScriptTag on shopify_api gem?
Ad