new to ruby

Hello,

In order to quickly get a web site / database application running, I decided to use ruby on rails. It is installed on my system, and I generated a project. I am using the Ruby on Rails book as a guide, but find that some of the scripts are missing from my project, ie ‘generate’. Where can I find the generate script to start modifying my project?

Second, do I really have to put the mysql root password in the database.yml file? This is a security risk. Is there a workaround to doing this?

Thanks for any help you can supply.
Joe White

You’re probably reading an old tutorial for Rails 2. Try this one:

http://guides.rubyonrails.org/getting_started.html

For the database.yml, you can use environment variables instead, but

I wouldn’t personally advise you to use MySql, but PostgreSQL
instead.

In that case, if you're running a single server with both PG and the

web server in the same machine, you could just use IDENT auth
instead of password based one.

Given that you have to store the database password somewhere, where are you comfortable storing it? I store a (non version-controlled) database.yml outside the file hierarchy of my rails app and symlink it into the rails_root/config directory whenever I deploy. It’s automated (Capistrano) so it’s no overhead. It’s still (virtually) within the rails app, but it’s not in your source code repo.

Would that meet your security concerns?

Hello Rodrigo,

Thank you for the link to recent Ruby on Rails guides.

We can’t use PG because we have a signif. amount of data in mysql and don’t want to swith.

Cheers,
Joe White

Hello Les,

Thanks for the suggestion of using symlinks. This will work as soon as I get the permissions issues worked out. I think this will improve security. I am not familiar with Capistrano; what does it do?

Thanks,
Joe

It would also be wise to create a new MySQL user with restricted privileges and use that instead of root, as well.

Hello Joe,

Capistrano is a gem that automates the tasks associated with updating code from your source repo to your server. For example one common strategy is to keep several revisions of source code on the server, and only “run” the most recent. When you update the server, you may want to run database migrations, precompile, compress and combine your coffeescript/js/css assets, re-link into other files in the filesystem (database.yml), and you may even be running multiple servers that need to be kept in sync. Capistrano does this all by running scripts on your local development machine, so deploying a new update is just a single local command. http://rubygems.org/gems/capistrano.

It’s pretty widely used in the Rails community.

Les

Hi Les,

Thank you. I’ll get the gem.

Joe