Installing private RubyGems

Once you have signed up for a Gemfury account and uploaded a few Gems, you can install them via command-line, or with a Bundler Gemfile.

Your private Source URL

The secret Source URL is the RubyGems endpoint for your Gemfury account. Do not share this URL to keep your account private. To retrieve this URL, follow these steps:

  1. Go to your dashboard
  2. Select the Get Started tab and go to Deploy step of the intro
  3. Get the Source URL of the format

     https://SeCrEt-ToKeN@gem.fury.io/me/
    

Install RubyGems with a Gemfile (Bundler 1.7+)

Using private Gems with Bundler is easy, just add a source scope with your Gemfury Repo-URL to your Gemfile which encloses your private packages:

source 'https://SeCrEt-ToKeN@gem.fury.io/me/' do
  gem 'private-gem', '~> 1.0'
end

You can also target individual packages with:

  gem 'private-gem', :source => 'https://SeCrEt-ToKeN@gem.fury.io/me/'

And then run bundle install as usual.

Install RubyGems with a Gemfile (Bundler pre-1.7)

If you're using Bundler 1.6.x or earlier, add your Gemfury Repo-URL to the top of the project's Gemfile.

source 'https://SeCrEt-ToKeN@gem.fury.io/me/'

Then add your private dependencies and run bundle install.

Install RubyGems with command-line

To use Gemfury with command line, add the Source URL to your .gemrc with this command:

$ gem sources -a https://SeCrEt-ToKeN@gem.fury.io/me/

Or use it a single install:

$ gem install my-gem --source https://SeCrEt-ToKeN@gem.fury.io/me/

Keep your privates private (Bundler 1.8+)

To keep up with the best practices, it's important to keep your Gemfury credentials out of your source code, particularly your Gemfile and Gemfury.lock files. Furthermore, we encourage each developer to use their individual credentials to access shared accounts. We suggest the following.

When specifying your Repo-URL in your Gemfile, please don't explicitly place your secret token into your source code. Instead, use this:

source "https://gem.fury.io/username/" ...

You can then configure your Gemfury credentials via Bundler's configuration. This can be done by specifying it via bundler config for a particular account:

bundle config https://gem.fury.io/username/ PeRSonAl-SeCrEt-ToKeN

Or globally for all of your Gemfury use:

bundle config gem.fury.io PeRSonAl-SeCrEt-ToKeN

Naturally, you can also specify this configuration via the environment in both development and production settings:

export BUNDLE_GEM__FURY__IO=PeRSonAl-SeCrEt-ToKeN

In both cases, Bundler will automatically apply these credentials to your Gemfury source declarations.

Keep your privates private (Bundler pre-1.8)

When specifying your Repo-URL in your Gemfile, use this:

source "https://#{ENV['FURY_AUTH']}@gem.fury.io/username/" ...

This solution works well in both development and production settings because Bundler will first try to use FURY_AUTH from the environment, and if that's blank, it will fall back to Bundler credentials store.

So in production, you can use the facilities of your platform to define FURY_AUTH in a secure manner. And in development, each developer has the option of either modifying their ~/.profile:

export FURY_AUTH=PeRSonAl-SeCrEt-ToKeN

Or using bundler config to globally specify the auth info:

bundle config https://gem.fury.io/username/ PeRSonAl-SeCrEt-ToKeN

An unfortunate side-effect is that Bundler will occasionally put your secret token into Gemfile.lock. It is safe to remove the token and committing just the Repo-URL without credentials into your SCM:

GEM
  remote: https://gem.fury.io/username/
  ...

Problems deploying RubyGems

If you are seeing Bundler::HTTPError exceptions when using Gemfury with Bundler, please update your Bundler to the latest version by running gem update bundler

If you're still having trouble, you can try path-based authentication with the following Repo-URL:

https://gem.fury.io/SeCrEt-ToKeN/me/