Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Magento - Using custom Environment Variables for sensitive database info

I know Magento stores the database connection details within the local.xml file, however our firm is trying to avoid passwords and other sensitive data being stored within our git repo's for security purposes.

I know you can create Environment Variables easily via an .htaccess file, but I'm hoping to find a workable solution that will enable me to set this database information dynamically from a environment variable.

As the local.xml is an XML file and as this is a non dynamic/server-side filetype we cannot use it to read environment variables.

Would there be a way to somehow add in some hook/custom behaviour to Magento in which I could replace the local.xml with a PHP file that will allow me to pull in these environment variables?

So in a sense, the local.XML would become a local.PHP file with the ability to read my own custom environment variables such DB_HOST, DB_USERNAME, DB_PASSWORD rather than having them already set in the xml file as localhost, root, password123 etc.

Any ideas on how best to achieve this, or are there any existing Magento add-ons/extensions/mods that will allow me to do this?

like image 733
Zabs Avatar asked Mar 13 '14 16:03

Zabs


2 Answers

I would suggest git ignore your local.xml and dynamically create it with your deploy script. your deploy script should have your sensitive data variables.

like image 55
lucidlogic Avatar answered Oct 10 '22 12:10

lucidlogic


I found an alternative solution to the problem. I extended Mage_Core_Model_Config_Element and overrode the 'xmlentities' function to check if the configuration value it is returning starts with a dollar sign, and if so substitute it with the equivalent environment variable.

If it helps anyone else, here it is...

https://github.com/rossigee/magento-config-envvars

like image 35
Ross Avatar answered Oct 10 '22 11:10

Ross