Secrets Management

Logins, passwords, tokens, private URLs. We usually need a few of those to connect to the database, connect to a 3rd party service that handles the incoming e-mails, an application monitoring service running on a different server, or reliable cloud storage. Since we need to keep secrets private, we usually don’t include them inside the application source code, and so they don’t get deployed when our application does. Handling this runtime configuration, private or not, becomes another piece to the puzzle.

Table of Contents

Keeping Secrets

Environment Variables

Rails Encrypted Credentials


Buy for $50
Rated 36x five stars
Gumroad (as of Aug 3, 2023)
I am using some scripts I downloaded from Josef Strzibny's book that are setting up Ruby on Rails deployment and automatically installing a PostgreSQL server. I am also using Dokku, but I like the idea of controlling what is happening on the server.
Lucian Ghinda, Senior Ruby Developer