Mailing List Archive

Where best to store database connection information?
Hi,

I have a Catalyst / DBIx::Class application and I have been storing the database connection parameters in a config file which is sourced using MYAPP_CONFIG_LOCAL_SUFFIX. But this seems a bit of a security problem having the main password in a text file like this, especially if it goes into git.

Is there a recommended or best practice place to store database connection information?

Thanks for any help

Adam

_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: Where best to store database connection information? [ In reply to ]
the catalyst configloader can load more than just one file.

by default it loads "myapp.conf"

if a file named "myapp_local.conf" exists it is loaded as well.

docs: https://metacpan.org/pod/distribution/Catalyst-Plugin-ConfigLoader/lib/Catalyst/Plugin/ConfigLoader/Manual.pod#Using-a-local-configuration-file

Re: Where best to store database connection information? [ In reply to ]
Catalyst uses Config::General to read .conf files. If Config::General is
configured with the option -UseApacheInclude,
then you can use an apache "include file.conf" in the .conf file to include
another file from another directory which is not saved by git.

Or the option -IncludeDirectories can be also useful so all the files from
the given directory will be included.

--Octavian

Re: Where best to store database connection information? [ In reply to ]
Hi,

Thanks for your replies.

I guess my question was more about any security issue of having the database username/password stored in a text file. And what do people consider best practice for this from a security point of view?

Thanks

Adam


Re: Where best to store database connection information? [ In reply to ]
Hi Adam

The specific difficulty you mentioned can be solved by
https://help.github.com/articles/ignoring-files/ this is pretty much a necessity
for github; otherwise, sooner or later, one forgets.

Best regards Hugh

--
http://www.hughbarnard.org
http://www.twitter.com/hughbarnard
http://www.big-wave-heuristics.com/
<http://www.hackney-environment-network.org.uk/>
Re: Where best to store database connection information? [ In reply to ]
I have mine in an adaptor class singleton.

Just be aware using this approach means if there is an error and you have debug / trace switched on it outputs the username and password in the debug output!

So always ensure you never leave these flags on when you publish the live version.
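
A sketch of masking credentials before a config structure reaches debug or trace output, the leak described in the message above. This is an added example, not code from the thread; the config layout (Catalyst::Model::DBIC::Schema-style `connect_info`), the key-name pattern and the sample values are constructed for illustration.

```perl
#!/usr/bin/env perl
# Added example, not code from the thread. Core modules only.
use strict;
use warnings;
use Data::Dumper;

my $MASK = '[REDACTED]';

# Key names treated as secret (assumption). Deliberately broad:
# masking too much in debug output is harmless.
my $SENSITIVE = qr/pass|secret|token/i;

# Some drivers accept credentials inside the DSN string (ODBC-style
# "PWD=..."), so mask those attributes as well.
sub scrub_dsn {
    my ($dsn) = @_;
    $dsn =~ s/\b(pwd|password)=[^;]*/$1=$MASK/gi;
    return $dsn;
}

# Return a deep copy of $data with credential values masked. $key is the
# hash key under which $data was found, if any. Blessed objects and code
# refs are returned as they are.
sub redact {
    my ($data, $key) = @_;
    $key = '' unless defined $key;

    if (ref($data) eq 'HASH') {
        my %copy;
        for my $k (keys %$data) {
            $copy{$k} = redact($data->{$k}, $k);
        }
        return \%copy;
    }

    if (ref($data) eq 'ARRAY') {
        my @copy = map { redact($_) } @$data;

        # Positional connect_info: [ $dsn, $user, $password, \%attrs ].
        # The password has no key name here, only a position.
        if ($key eq 'connect_info' && @copy >= 3 && !ref($data->[0])) {
            $copy[0] = scrub_dsn($copy[0]) if defined $copy[0];
            $copy[2] = $MASK               if defined $copy[2];
        }
        return \@copy;
    }

    return $data unless defined($data) && !ref($data);
    return $MASK            if $key =~ $SENSITIVE;
    return scrub_dsn($data) if $key eq 'dsn';
    return $data;
}

unless (caller) {
    # Constructed sample shaped like a Catalyst application's config hash.
    my %config = (
        name        => 'MyApp',
        'Model::DB' => {
            schema_class => 'MyApp::Schema',
            connect_info => [
                'dbi:Pg:dbname=myapp', 'myapp', 'example-only',
                { AutoCommit => 1 },
            ],
        },
        'Model::Reports' => {
            connect_info => {
                dsn      => 'dbi:ODBC:DSN=reports;UID=rep;PWD=example-only',
                user     => 'rep',
                password => 'example-only',
            },
        },
    );

    local $Data::Dumper::Sortkeys = 1;
    local $Data::Dumper::Indent   = 1;

    # Dump the masked copy, never the live config.
    print Dumper(redact(\%config));
}
```

The live config is left untouched, so the application keeps working with the real values while only the masked copy is handed to the logger.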

Re: Where best to store database connection information? [ In reply to ]
Adam Witney wrote:
> I guess my question was more about any security issue of having the database username/password stored in a text file. And what do people consider best practice for this from a security point of view?

One mechanism that may help is to move the DB connection data out -
a way to do this is https://metacpan.org/pod/DBIx::Class::Schema::Config

Which moves the problem around...

I tend to have dev info with configs referring to sqlite - no passwords.
Deployed versions have configs built up from templates in ansible,
credentials either gitcrypt-ed or ansible vaulted.

Nigel.

--
[ Nigel Metheringham ------------------------------ nigel@dotdot.it ]
[ Ellipsis Intangible Technologies ]

Re: Where best to store database connection information? [ In reply to ]
If the application is owned by another user than root (as recommended) and
it is kept in a directory with limited permissions, then other users won't
have access to it.
The root will have access, but it would have access to anything on that
server...

--Octavian

Re: Where best to store database connection information? [ In reply to ]
People do different things based on their setup. I tend to use ENV vars and store them on the local server under /etc with a restricted account. There's no official way to do this (we are not Rails :)). -jnap
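
One way to combine two of the suggestions in this thread: a secrets file readable only by the application account, and environment variables that take precedence over it. This is an added example, not code from the thread; the `dsn`/`user`/`password` key names, the `MYAPP_DB_*` variable names and the sample values are assumptions made for illustration.

```perl
#!/usr/bin/env perl
# Added example, not code from the thread. Core modules only.
use strict;
use warnings;
use Fcntl qw(:mode);
use File::Temp qw(tempfile);

# Hypothetical key names; each maps to a MYAPP_DB_<KEY> environment variable.
my @KEYS = qw(dsn user password);

# Read "key = value" lines from a secrets file, refusing files that other
# accounts could read. Environment variables, when set, take precedence.
# Returns [ $dsn, $user, $password ], usable as DBI-style connect_info.
sub load_db_credentials {
    my ($path) = @_;
    my %cred;

    if (defined $path && -e $path) {
        open my $fh, '<', $path or die "cannot open $path: $!\n";

        # stat the open handle rather than the path, so the checks apply
        # to the file that is actually read.
        my ($mode, $uid) = (stat($fh))[2, 4];
        die "cannot stat $path: $!\n" unless defined $mode;
        die "$path is not a regular file\n" unless S_ISREG($mode);
        die sprintf("%s is not owned by the application user (uid %d)\n",
            $path, $>)
            unless $uid == $>;
        die sprintf("%s has mode %04o, group/other access must be removed\n",
            $path, S_IMODE($mode))
            if S_IMODE($mode) & 077;

        while (my $line = <$fh>) {
            next if $line =~ /^\s*(?:#|$)/;    # comments and blank lines
            $cred{$1} = $2 if $line =~ /^\s*(\w+)\s*=\s*(.*?)\s*$/;
        }
        close $fh;
    }

    for my $key (@KEYS) {
        my $env = 'MYAPP_DB_' . uc($key);
        $cred{$key} = $ENV{$env} if defined $ENV{$env};
        die "missing database setting '$key'\n" unless defined $cred{$key};
    }
    return [ @cred{@KEYS} ];
}

unless (caller) {
    delete @ENV{qw(MYAPP_DB_DSN MYAPP_DB_USER MYAPP_DB_PASSWORD)};

    # Constructed secrets file standing in for a file under /etc.
    my ($tmp_fh, $tmp_path) = tempfile(UNLINK => 1);
    print {$tmp_fh} "# constructed sample values\n",
        "dsn      = dbi:Pg:dbname=myapp\n",
        "user     = myapp\n",
        "password = example-only\n";
    close $tmp_fh or die "close: $!\n";

    # World-readable is refused, owner-only is accepted.
    for my $mode (0644, 0600) {
        chmod $mode, $tmp_path or die "chmod: $!\n";
        my $info = eval { load_db_credentials($tmp_path) };
        if ($info) {
            printf "%04o: loaded dsn=%s user=%s password=<%d chars>\n",
                $mode, $info->[0], $info->[1], length($info->[2]);
        }
        else {
            printf "%04o: refused: %s", $mode, $@;
        }
    }

    # An environment variable overrides the value from the file.
    $ENV{MYAPP_DB_PASSWORD} = 'from-environment';
    my $info = load_db_credentials($tmp_path);
    print "environment override applied\n"
        if $info->[2] eq 'from-environment';
}
```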

Re: Where best to store database connection information? [ In reply to ]
Note that Catalyst itself doesn't use any config loading,
Catalyst::Plugin::ConfigLoader does.
This then uses different config file format modules depending on the
file extension.


Re: Where best to store database connection information? [ In reply to ]
I generally store my config files in /etc/app_name/config.yml and then I
use MooseX::Singleton to store and YAML::XS to load the config data from
the yml into the app in app_name.pm
HTH,
-Shantanu Bhadoria

Re: Where best to store database connection information? [ In reply to ]
Hi,

>>But this seems a bit of a security
>>problem having the main password in a text file like this,
>>especially if it goes into git.

What I do is modify the password on production manually, and successive updates / pulls will not modify the password, and I will also not commit the change in git / svn. Barring this config change, it is a bad habit to modify anything on production. Let me know if someone disagrees.

Also, in case you need a solution where the config file is password protected, not a part of the main repository, then you will need an external svn repo I guess (in the case of svn); this might be a better svn / repo config question.

Thanks

Abhishek
Re: Where best to store database connection information? [ In reply to ]
Thanks guys for all the helpful ideas!

