Deploying app ENV variables with Rbenv, Passenger and Capistrano

&quot;Put the secret into your shared&#x2F;.rbenv-vars file&quot;... and then say goodbye to them! <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130" rel="nofollow">http:&#x2F;&#x2F;www.cve.mitre.org&#x2F;cgi-bin&#x2F;cvename.cgi?name=CVE-2014-0...</a> . I don&#x27;t think keeping your secrets in a file accessible to the web server is a good idea because of LFI vulns like this.<p>Some other ideas that I&#x27;ve heard that may be better: store the secrets on a separate &quot;offline&quot; server that only the web server can talk to. Or have the file readable only by root, run a bootstrap script as root that would read the file, drop root privs, and then start the webserver.

I&#x27;m going to go ahead and say that most people don&#x27;t need rvm&#x2F;rbenv&#x2F;chruby etc in production.<p>Ask yourself if you really need multiple versions of ruby in production because if not you can save yourself the headache of setting it up.