In order to store a large amount of information, websites need to purchase servers for space to do so. The server access information is needed for the servers to work. Such information must be maintained secretive, or the server can be stolen or compromised. There are a number of ways to accomplish this, but here we'll talk about using
gem figaro to secure server access information.
First you need to make sure you're already sign up for a server service somewhere, here we'll use AWS (Amazon Web Services). Once you've signed up and verified your account, you can access the AWS console, where you'll find "S3" under the "Storage & Content Delivery" category.
S3 is Amazon's storage solution, typically used to store large binary files. Then, create a bucket. Name your bucket something relevant to your project and keep the name handy.
Then, go to your text editor and do the following:
gem figaro, run
bundle installand then
Run the following to create a copy of your
application.ymlfile to be uploaded, but doesn't contain your AWS access key info:
Go to AWS console, under your user name on the top right, go to "Security Credentials", then click on "Access Key (Acces Key ID and Seceret Access Key). Click "Create New Access Key" and download the file. Save it somewhere secure.
Next go to
application.ymland place your AWS access information, as an example:
The above information is accessed by whatever gem in your app that is using the AWS storage. In my case, I'm using CarrierWave to upload images, but in order to connect to the AWS API I need another gem for integration called
gem fog. So add
gem fogto the
bundle install. And now in the imageuploader, disable the
config/initializers, create a
carrierwave.rbfile to help CarrierWave initialize, and add the below code:
ENV is short for "Environment Variables", and you can see these match the names in the
Once these are set up, go to the
.gitignorefile and add in
config/application.ymlto make sure the git will not be uploading this file containing AWS access info onto Heroku. If this is done successfully, you should see
config/application.ymleither in light grey color or hidden away.
Assuming you've already uploaded the current app onto Heroku, run
figaro heroku:set -e productionin Terminal, you should see the AWS information you've listed in
heroku configin Terminal, you should now see Heroku is setup with AWS configuration.
If all above ran smoothly, you can now commit & push to Heroku.