Getting started with Rails and CipherStash
This guide will step you through adding CipherStash to your Ruby on Rails application.
By the end of this guide, you will have:
- Encrypted sensitive data inside your existing database
- Queried that encrypted data
The steps you’ll go through are:
- Define which database columns should be encrypted
- Encrypt the sensitive data
- Query the newly encrypted data
Before you start
You’ll need to install some tools:
This tutorial takes you through adding CipherStash to an existing Rails application using PostgreSQL.
Start by cloning the repo and installing dependencies:
git clone https://github.com/cipherstash/cipherstash-rails-demo-app
cd cipherstash-rails-demo-app
bundle install
Create the database, run migrations, and seed the database with dummy patient data:
rails db:setup
Install the CipherStash CLI
The CipherStash CLI is used to manage your encryption schema.
The encryption schema is defines what encrypted indexes exist, and what queries you can perform on those indexes.
Download the binary for your platform:
- Linux ARM64
- Linux ARM64 musl
- Linux x86_64
- Linux x86_64 musl
- macOS ARM
- macOS x86_64
- Windows x86_64 GNU
- Windows x86_64 MSVC
Place the binary on your $PATH
, so you can run it.
Sign up
You can start your signup from the CLI:
stash signup
Your browser will open to https://cipherstash.com/signup/stash where you can sign up with either your GitHub account, or a standalone email.
Install the CipherStash database driver
The CipherStash database driver transparently maps SQL statements to encrypted database columns.
We need to add it to your Rails app, and tell Rails to use it.
Add the activerecord-cipherstash-pg-adapter
to your Gemfile:
gem "activerecord-cipherstash-pg-adapter"
Remove the pg
gem from your Gemfile.
Run bundle install
.
And update the default adapter settings in the database.yml
with postgres_cipherstash
:
default: &default
adapter: postgres_cipherstash