发表新帖
发表新帖

Is it possible to set ENV variables for rails development environment in my code?

后端 未结
关注
7 1128
心在旅途
心在旅途 2020-11-27 09:59

I know that I can set my ENV variables in bash via

export admin_password = \"secret\"

But is there a way to do it in my rails source code s

相关标签:
7条回答
  • 一向
    2020-11-27 10:13

    Never hardcode sensitive information (account credentials, passwords, etc.). Instead, create a file to store that information as environment variables (key/value pairs), and exclude that file from your source code management system. For example, in terms of Git (source code management system), exclude that file by adding it to .gitignore:

    -bash> echo '/config/app_environment_variables.rb' >> .gitignore

    /config/app_environment_variables.rb

    ENV['HTTP_USER'] = 'devuser'
ENV['HTTP_PASS'] = 'devpass'

    As well, add the following lines to /config/environment.rb, between the require line, and the Application.initialize line:

    # Load the app's custom environment variables here, so that they are loaded before environments/*.rb
app_environment_variables = File.join(Rails.root, 'config', 'app_environment_variables.rb')
load(app_environment_variables) if File.exists?(app_environment_variables)

    That's it!

    As the comment above says, by doing this you will be loading your environment variables before environments/*.rb, which means that you will be able to refer to your variables inside those files (e.g. environments/production.rb). This is a great advantage over putting your environment variables file inside /config/initializers/.

    Inside app_environment_variables.rb there's no need to distinguish environments as far as development or production because you will never commit this file into your source code management system, hence it is for the development context by default. But if you need to set something special for the test environment (or for occasions when you test production mode locally), just add a conditional block below all the other variables:

    if Rails.env.test?
  ENV['HTTP_USER'] = 'testuser'
  ENV['HTTP_PASS'] = 'testpass'
end

if Rails.env.production?
  ENV['HTTP_USER'] = 'produser'
  ENV['HTTP_PASS'] = 'prodpass'
end

    Whenever you update app_environment_variables.rb, restart the app server. Assuming you are using the likes of Apache/Passenger or rails server:

    -bash> touch tmp/restart.txt

    In your code, refer to the environment variables as follows:

    def authenticate
  authenticate_or_request_with_http_basic do |username, password|
    username == ENV['HTTP_USER'] && password == ENV['HTTP_PASS']
  end
end

    Note that inside app_environment_variables.rb you must specify booleans and numbers as strings (e.g. ENV['SEND_MAIL'] = 'false' not just false, and ENV['TIMEOUT'] = '30' not just 30), otherwise you will get the errors can't convert false into String and can't convert Fixnum into String, respectively.

    Storing and sharing sensitive information

    The final knot to tie is: how to share this sensitive information with your clients and/or partners? For the purpose of business continuity (i.e. when you get hit by a falling star, how will your clients and/or partners resume full operations of the site?), your clients and/or partners need to know all the credentials required by your app. Emailing/Skyping these things around is insecure and leads to disarray. Storing it in shared Google Docs is not bad (if everyone uses https), but an app dedicated to storing and sharing small titbits like passwords would be ideal.

    How to set environment variables on Heroku

    If you have a single environment on Heroku:

    -bash> heroku config:add HTTP_USER='herouser'
-bash> heroku config:add HTTP_USER='heropass'

    If you have multiple environments on Heroku:

    -bash> heroku config:add HTTP_USER='staguser' --remote staging
-bash> heroku config:add HTTP_PASS='stagpass' --remote staging

-bash> heroku config:add HTTP_USER='produser' --remote production
-bash> heroku config:add HTTP_PASS='prodpass' --remote production

    Foreman and .env

    Many developers use Foreman (installed with the Heroku Toolbelt) to run their apps locally (as opposed to using the likes of Apache/Passenger or rails server). Foreman and Heroku use Procfile for declaring what commands are run by your application, so the transition from local dev to Heroku is seamless in that regard. I use Foreman and Heroku in every Rails project, so this convenience is great. But here's the thing.. Foreman loads environment variables stored in /.env via dotenv but unfortunately dotenv essentially only parses the file for key=value pairs; those pairs don't become variables right there and then, so you can't refer to already set variables (to keep things DRY), nor can you do "Ruby" in there (as noted above with the conditionals), which you can do in /config/app_environment_variables.rb. For instance, in terms of keeping things DRY I sometimes do stuff like this:

    ENV['SUPPORT_EMAIL']='Company Support <support@company.com>'
ENV['MAILER_DEFAULT_FROM'] = ENV['SUPPORT_EMAIL']
ENV['MAILER_DEFAULT_TO']   = ENV['SUPPORT_EMAIL']

    Hence, I use Foreman to run my apps locally, but I don't use its .env file for loading environment variables; rather I use Foreman in conjunction with the /config/app_environment_variables.rb approach described above.

    0 讨论(0)
  • 萌比男神i
    2020-11-27 10:13

    As an aside to the solutions here, there are cleaner alternatives if you're using certain development servers.

    With Heroku's Foreman, you can create per-project environment variables in a .env file:

    ADMIN_PASSOWRD="secret"

    With Pow, you can use a .powenv file:

    export ADMIN_PASSOWRD="secret"
    0 讨论(0)
  • 抹茶落季
    2020-11-27 10:15

    [Update]

    While the solution under "old answer" will work for general problems, this section is to answer your specific question after clarification from your comment.

    You should be able to set environment variables exactly like you specify in your question. As an example, I have a Heroku app that uses HTTP basic authentication.

    # app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery
  before_filter :authenticate

  def authenticate
    authenticate_or_request_with_http_basic do |username, password|
      username == ENV['HTTP_USER'] && password == ENV['HTTP_PASS']
    end
  end
end

# config/initializers/dev_environment.rb
unless Rails.env.production?
  ENV['HTTP_USER'] = 'testuser'
  ENV['HTTP_PASS'] = 'testpass'
end

    So in your case you would use

    unless Rails.env.production?
  ENV['admin_password'] = "secret"
end

    Don't forget to restart the server so the configuration is reloaded!

    [Old Answer]

    For app-wide configuration, you might consider a solution like the following:

    Create a file config/application.yml with a hash of options you want to be able to access:

    admin_password: something_secret
allow_registration: true
facebook:
  app_id: application_id_here
  app_secret: application_secret_here
  api_key: api_key_here

    Now, create the file config/initializers/app_config.rb and include the following:

    require 'yaml'

yaml_data = YAML::load(ERB.new(IO.read(File.join(Rails.root, 'config', 'application.yml'))).result)
APP_CONFIG = HashWithIndifferentAccess.new(yaml_data)

    Now, anywhere in your application, you can access APP_CONFIG[:admin_password], along with all your other data. (Note that since the initializer includes ERB.new, your YAML file can contain ERB markup.)

    0 讨论(0)
  • 时光取名叫无心
    2020-11-27 10:19

    The system environment and rails' environment are different things. ENV let's you work with the rails' environment, but if what you want to do is to change the system's environment in runtime you can just surround the command with backticks.

    # ruby code
`export admin_password="secret"`
# more ruby code
    0 讨论(0)
  • 刺人心
    2020-11-27 10:28

    I think the best way is to store them in some yml file and then load that file using this command in intializer file 

    APP_CONFIG = YAML.load_file("#{Rails.root}/config/CONFIG.yml")[Rails.env].to_hash

    you can easily access environment related config variables.

    Your Yml file key value structure:

    development:
  app_key: 'abc'
  app_secret: 'abc'

production:
  app_key: 'xyz'
  app_secret: 'ghq'
    0 讨论(0)
  • 我寻月下人不归
    2020-11-27 10:34

    The way I am trying to do this in my question actually works!

    # environment/development.rb

ENV['admin_password'] = "secret"

    I just had to restart the server. I thought running reload! in rails console would be enough but I also had to restart the web server.

    I am picking my own answer because I feel this is a better place to put and set the ENV variables

    0 讨论(0)
 看不清?
提交回复
热议问题