How to store database passwords in git repository?

A

Anatoly602014-12-28 14:32:11

git

Anatoly60, 2014-12-28 14:32:11

We have a web project, the code of which is hosted on github or bitbucket. There is a file with database connection settings (login and password). Committing this file with real data is not entirely correct from a security point of view. If you edit the config manually after deploying the project, conflicts may occur at the time of deployment (git pull).
How to properly manage passwords and sensitive data and remote git repositories?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

S

Sergey, 2014-12-28
Protko @Fesor

Do not store them in a git repository at all, or encrypt a file with credits in a gpg archive using private keys + pass. This is perhaps the most versatile way. For fans of ansible, there is ansible vault
ps Stop deploying via git pull.

M

Melkij, 2014-12-28
@melkij

db.conf.dist is placed in the repository.
Next, to choose from:
when installing, the requirement to create your own db.conf configuration based on the reference one
Or a two-level config - first look in db.conf, if the desired option is not there or the file does not exist - we take the reference from *. dist.

I

index0h, 2014-12-28
@index0h

Dev / test environment can be freely stored in the repository. Production - must be ignored.
If the repository is private (on your own server) + access to the product is not given to anyone, in principle, you can store the settings for it in the repository

S

Sergey Romanov, 2014-12-28
@Serhioromano

I don’t know what the project is on, so I’ll advise you, but it may not work.
On my nodejs projects, I set up ENV environment variables on the server and locally. And I use them through process.ENV. I'm not sure, but it seems that something similar can be done for PHP. But I don't know. I just believe there must be something.