Heroku "strongly recommends using PostgreSQL during development" so that I have been doing the last few months. I use rails 3.2.8 and between Daniel Kehoe excellent Rails Heroku Tutorial and Ryan Bates railscast on PostgreSQL Migration I was able to run and run applications. My problem is that postgreSQL is working under the hood (with roles, users, superusers, etc.), which I don’t understand. I am particularly concerned about the fact that I used “trust” authentication both locally and during the deployment process. Does this mean that random people can somehow access my application database?
From time to time in rails / github environments, I come across links to the app config / database.yml file with github (possibly only with public or shared repositories), since this file contains password information. I always look at this file and scratch my head. I do not put password information there. Here's what this file looks like for development, testing, and production (note: I show only one of three for brevity, since they are all the same.):
[development, test or production]:
adapter: postgresql
encoding: unicode
database: [myapp]_[development, test or production]
pool: 5
username: [myapp]
password:
I am afraid to know what should I do to configure postgreSQL to install rails correctly and safely in my applications. Thanks in advance for any thoughts. You will make the world a safer place!
source
share