How Do You Secure database.yml?

Question

Within Ruby on Rails applications database.yml is a plain text file that stores database credentials.

When I deploy my Rails applications I have an after deploy callback

Answer 1

Take a look at this github solution: https://github.com/NUBIC/bcdatabase. bcdatabase provides an encrypted store where the passwords can be kept separated from the yaml files.

bcdatabase

bcdatabase is a library and utility which provides database configuration parameter management for Ruby on Rails applications. It provides a simple mechanism for separating database configuration attributes from application source code so that there's no temptation to check passwords into the version control system. And it centralizes the parameters for a single server so that they can be easily shared among multiple applications and easily updated by a single administrator.