Description
The configuration system (lib/tiny_mon/config.rb) reads from YAML files in config/deployments/<environment>/config.yml. These files contain secrets (SMTP password, secret_token) and must be excluded from git—but the pattern makes deployment to PaaS platforms (Heroku, Render, Railway, Fly.io) impossible, as they configure apps via environment variables.
The config/deployments/development/config.yml file (which contains actual secrets) is committed to the repo despite the intent to ignore it.
Impact
- Cannot deploy to any 12-factor-app-compatible platform.
- Secrets must be managed as files on each server—hard to rotate, easy to leak.
- No support for
dotenv / .env workflow for local development.
Suggested approach
Refactor lib/tiny_mon/config.rb to read from ENV with YAML as a fallback:
def email_password
ENV['SMTP_PASSWORD'] || config['email_password']
end
For a full 12-factor approach, remove the YAML config files entirely and use dotenv-rails for local development.
Effort: medium
Description
The configuration system (
lib/tiny_mon/config.rb) reads from YAML files inconfig/deployments/<environment>/config.yml. These files contain secrets (SMTP password, secret_token) and must be excluded from git—but the pattern makes deployment to PaaS platforms (Heroku, Render, Railway, Fly.io) impossible, as they configure apps via environment variables.The
config/deployments/development/config.ymlfile (which contains actual secrets) is committed to the repo despite the intent to ignore it.Impact
dotenv/.envworkflow for local development.Suggested approach
Refactor
lib/tiny_mon/config.rbto read fromENVwith YAML as a fallback:For a full 12-factor approach, remove the YAML config files entirely and use
dotenv-railsfor local development.Effort: medium