Reputation: 19505
How to securely connect to PostgreSQL database, with Ruby?
I feel uncomfortable saving my password in a file:
require 'pg'
conn = PG::Connection.open(host: 'server.example.com', password: 'hello_everyone')
Also, is there a way to determine or ensure that the transmission is encrypted? I am just worried about the implications of running my app locally, when it must connect to a remote database (I am worried about all the data, including the authentication credentials, being sent in the clear).
Upvotes: 0
Views: 692
Answers (1)
Reputation: 23713
Regarding the password:
I would recommend setting it in an ENV variable. Take a look at dotenv gem. Basically, you are going to be able to do something like:
require 'pg'
conn = PG::Connection.open(host: ENV['database_host'], password: ENV['database_password'])
The values that are loaded into ENV will be stored in a file (.env) which you should not commit.
Regarding data encryption
You should take a look at SSH tunneling to connect to the remote DB.
Upvotes: 1
Related Questions
- How to show tables in PostgreSQL?
- How can I change a PostgreSQL user password?
- How can I drop all the tables in a PostgreSQL database?
- How to call shell commands from Ruby
- How to write a switch statement in Ruby
- Creating a copy of a database in PostgreSQL
- How to exit from PostgreSQL command line utility: psql
- How to understand nil vs. empty vs. blank in Ruby
- How to check if a value exists in an array in Ruby
- Ruby: How to install a specific version of a ruby gem?