Postgres <=> Rails . How to auto-create a user from database.yml

Question

I am using PG for my rails4 application.

Every time I git clone to a new machine or clear my project, I have to keep creating the user for postgres before I get the app working again.

This is a problem when I share my code with designers etc and they have to unnecessarily get into details of setting up the db users and making them super users etc.

Is there a way I can automate this , given that I am using the PG gem and the Rails already know about the users I need from my database.yml

Answer 1

You shouldn't be doing this. database.yml doesn't belong in version control, see How to manage Rails database.yml.

You should be storing a template file (I use config/database.yml.example) and each person who clones your app should copy the template file to config/database.yml, and add to it their existing database user and password, for connecting to their local development instance of Postgres.

Your designers should also have a single development user on their local machines, and it's up to them to place their credentials into config/database.yml.

There is no way to have Rails create database users for you, because it's supposed to be your job to tell Rails existing database user it should use. All your apps, in your development environment, should be using the same user.

Answer 2

If you run the initdb command with the --auth-local trust option right after PostgreSQL installation, it will bypass all future database user authentication:

initdb /usr/local/var/postgres -E utf8 --auth-local trust

Of course this would be a major security issue when used outside a development environment. But since you mentioned the specific need to have a quicker setup for people who work on the project, it seemed like it might be a possible approach in your case.

Answer 3

@meagar is correct about keeping your passwords and keys out of version control, so definitely keep that advice in mind.

It's conventional these days to use environment variables to store login information, because that data is inherently tied to the environment you're running on. So you could, in fact, check database.yml into version control, provided you put in calls to environment variables, rather than the actual secrets.

For example, you could put something like username: <%= ENV[DB_USER_DEV] %> and password: <%= ENV[DB_PASS_DEV] %> in your database.yml file. Then, put DB_USER_DEV=my_psql_username and DB_PASS_DEV=hashed_gibberish into ~/.profile.

With vagrant, I create the user and environment variables in the provisioning of the Vagrantfile for the base box. All our projects use the same base box, and adding those ENV vars to database.yml more or less automate everything in dev!