How do I configure a secret file contain secret keys to digital ocean hosted app?

February 9, 2015 986 views

Hi guys, my ROR app uses Stripe to handle payment transactions. When our app was hosted using Heroku, we had the Stripe api keys inside a secret application.yml file. But now that we are hosted under DOcean, am I right in thinking that we need to configure this application.yml file to digital ocean? If so, please may I ask for some help out points please? I'm really stuck and some pointers would be much appreciated thank you!


1 Answer

A lot of this depends on how you deploy your application. A general best practice followed by many developers is to use environmental variables to hold secret tokens. Rails 4.1 introduced the config/secrets.yml file in order to standardize how to access thing like this in applications.

If you used the environmental variable STRIPE_TOKEN to hold your token, you can source it in your config/secrets.yml like:

  stripe_token: <%= ENV["STRIPE_TOKEN"] %>

You can now access it using Rails.application.secrets.stripe_token

dotenv is a useful gem that loads the contents of a .env file into ENV

Have another answer? Share your knowledge.