CMCDragonkai
commented
10 years ago Use environment variables injected during deployment. In the end the values have to be kept somewhere, so you decide the balance between efficiency vs security.
Closed barryvdh closed 10 years ago
CMCDragonkai
commented
10 years ago Use environment variables injected during deployment. In the end the values have to be kept somewhere, so you decide the balance between efficiency vs security.
barryvdh
commented
10 years ago By injected during deployment would mean you still have to keep it in the configuration. It want to keep the password for the production DB, on the production server, not on my local dev pc/vcs.
CMCDragonkai
commented
10 years ago for example you might have a configuration repository and this might contain the keys and it is separated from your app repository, you inject these values somehow into your deployment tool when you run the tool.
CMCDragonkai
commented
10 years ago Or you can just declare the keys in your production server. Not that convenient though.
barryvdh
commented
10 years ago If possible, I want to stick to using an .env.local.php file on my local server, and a .env.php file on my production server, so I can just create it one-time and don't have to worry about it, just like the Laravel docs suggest.
jimhill
commented
10 years ago You can add this to a shared directory, but at the moment you will have issues with migrations and composer installs due to the file syncing being done after the other commands - hence the config is missing. I have added a workaround here: https://github.com/Anahkiasen/rocketeer/issues/150#issuecomment-45066784
tnarik
commented
10 years ago I use task listeners on the 'runComposer' event to copy a remote configuration file (.env.<environment>.php file) based on the connection, as well as creating a bootstrap/enviroment.php file directly in the server, which is what my apps use for environment selection.
Anahkiasen
commented
10 years ago Create local .env files and create a task to upload them on the server via $task->upload('path/to/local/file')
That's on the develop branch only for now.
barryvdh
commented
9 years ago Okay so Laravel5 uses .env files, L4 .env.php. So I can just add .env.php to the list of files to be shared and create a .env.php file in the shared folder on the server. Then just make sure the file isn't in git and it seems to work fine :)
imolorhe
commented
7 years ago @Anahkiasen Do we still need to create a task to upload the .env file? Or does the deploy automatically handle the .env file?
Following the tips from the Laravel docs on sensitive information (http://laravel.com/docs/configuration#protecting-sensitive-configuration), what would you suggest what would be the best way to handle this using Rocketeer? Something similar to #150, by copying it in task? Would this be useful to include in the core (as it is the suggested approach by Laravel)?
I want to prevent having to put my database passwd/keys etc in the git repo.