Where should I store keys specific to my development, test, production servers in my

Question

0

Asked: June 2, 20262026-06-02T23:32:10+00:00 2026-06-02T23:32:10+00:00

Where should I store keys specific to my development, test, production servers in my

0

Where should I store keys specific to my development, test, production servers in my ruby project? For example where should store my development-specific amazon s3 secret and key? my config/development.rb file? One issue I see with that is if the file was a part of a public github project it would show for everyone.
Thanks!

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-02T23:32:12+00:00

You store separate environment variables in config/development.rb, config/testing.rb and config/production.rb respectively.

However, if your files will be stored in a public git repo, you do not want to hardcode any sensitive information into them. The best method is to use either yaml files that are part of your .gitignore or to use Environment variables in your shell. I prefer the latter, like this:

PAPERCLIP_OPTIONS = { storage:          :s3,
                      bucket:           ENV['S3_BUCKET'],
                      s3_credentials: { access_key_id: ENV['S3_KEY'],
                                        secret_access_key: ENV['S3_SECRET'] }}

You then just set the environment variables on the system that is running the app.

If you use the yaml config file method, you must add the sensitive config files to your .gitignore file. Otherwise they will still be uploaded to your public repo.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Where should I store keys specific to my development, test, production servers in my

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply