I want a safe way to store the username and password of an API without other people seeing it within my cloud9 Ruby on Rails app. Is it safe to save them as environment variables?
I know my c9 code is public but are these variables also public?
How do I access them within the rails console? I tried ENV["VARIABLE_NAME"] but this does not seem to work within the console. Is there anything else I should do?
You can define environment variables in ~/.profile. Files outside of the workspace directory /home/ubuntu/workspace are not accessible for read only users. You can do e.g.
$ echo "export SECRET=geheim" >> ~/.profile
to define the variable SECRET and then use it through ENV["SECRET"] from your application. The runners (from the "run" button) and the terminal will evaluate ~/.profile and make the environment variable available to your app.
see also Storing securely passwords for connection to DB in opensource projects