[Catalyst] Where best to store database connection information?

Nigel Metheringham nigel at dotdot.it
Mon Feb 16 17:36:56 GMT 2015


Adam Witney wrote:
> I guess my question was more about any security issue of having the database username/password stored in a text file.  And what do people consider best practice for this from a security point of view?

One mechanism that may help is to move the DB connection data out -
a way to do this is https://metacpan.org/pod/DBIx::Class::Schema::Config

Which moves the problem around...

I tend to have dev info with configs referring to sqlite - no passwords.
Deployed versions have configs built up from templates in ansible,
credentials either gitcrypt-ed or ansible vaulted.

	Nigel.

-- 
[ Nigel Metheringham ------------------------------ nigel at dotdot.it ]
[                 Ellipsis Intangible Technologies                  ]



More information about the Catalyst mailing list