Unicorn not reading ENV variables - bash

I'm having some issues with SECRET_KEY_BASE setting on our production Ubuntu server with Unicorn and nginx. I added the variable to .bashrc and its reading fine when I try echo $SECRET_KEY_BASE, but for some reason I'm getting the following error:
app error: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` (RuntimeError)
Also, when I try to access the variable with ENV["SECRET_KEY_BASE"] from within the console in production environment, I can read it fine.
I tried restarting Unicorn and server and it doesn't help. Any idea why this is happening?

You may need to add the variables to the unicorn.conf file, since it seems you are launching Unicorn with a different user or without sourcing your .bashrc.
In any case, I suggest you use dotenv gem to store your env variables in a .env file within your project. That is the cleanest way I know. If you need to have capistrano integration and handle all the different environments with ease, you can also use dotenv-deployment gem.

Related

Creating environment variables with Rails 6 and Heroku

How do I create a group of environment variables that can be used both locally in development and on Heroku using Rails 6?
There are many different ways to configure environment variables, and people have many different preferences.
Personally, for my local development, I typically use the dotenv gem. I'll git-ignore .env, but I'll add a .env.example with all the vars I need stubbed out.
Then in my local checkout(s), I'll cp .env.example .env, and I will edit that .env file for all of my local configuration.
dotenv-rails includes a railtie to load environment variables from the .env file if they have not already been supplied as real env vars.
When I deploy to Heroku, I just use the Heroku console or GUI to set up my environment variables there.
Rails credentials work great and they don't require any extra gems and keep all your app secrets in one location.
EDITOR=vim rails credentials:edit
You can access any variable you set in this encrypted file by Rails.application.credentials.name_of_key. Typically, your .gitignore file will exclude the master.key file, so to make it accessible on a cloud provider, you'd provide the single key as an environment variable for decryption.

How do you get all ENV variables from Heroku (Including internal variables)

How do I get HEROKU specific ENV variables? (Such as $HEROKU_API_KEY_ENC)
I'm writing a buildpack to perform some operations on app deploys (not dyno restart, just deploy) but I need to know which variables are available at that point.
I know I have access to my own environment variables and HEROKU runtime dyno metadata but I'd like to see what else is there, such as which git user is making the deploy, or whether there's a variable to determine it is a deploy or a restart etc.
I appreciate your help.
P.S I already tried deployhooks and it doesn't solve my problem.
The linux printenv command will display every available environment variable.
How about this
heroku config --app your_app_id | grep "your_variable"

Where to put API keys for Twitter app on server

I'm currently writing a couple Twitter bots for my friends using the Twitter gem for Ruby. My plan was to store the keys for them in a .txt file with the rest of the bot's code on my server, but everything I've read has said the keys shouldn't be readable within the code. Is this secure enough, and if not what would be a good solution? Thanks!
A common approach is to save the environment variables into a file called .env that is ignored by version control (and therefore won't be included on Github) but read by the code. One gem to help with this is dotenv.
add .env to the .gitignore file.
create a local .env file with all your env vars
require 'dotenv' and put Dotenv.load somewhere at the beginning of your script. In Rails, the require is unnecessary and you can place the load call in any file in the config/initializers folder
Check that your app works fine locally. The environment variables should be found in the ENV hash from Ruby code.
Save changes and push new version of app to digital ocean
manually create the .env file on the digital ocean server, in the root of the repo
run digital ocean server and check that everything works.
other notes:
see How To Read and Set Environmental and Shell Variables on a Linux VPS
some platforms like heroku have a different mechanism for setting environment variables, such as heroku config:set or web UIs.
You can set environment variables on a one-off basis using the env command in bash, for example:
env a=hello b=' world' ruby -e 'puts ENV["a"] + ENV["b"]'
# => hello world
This can give a quick way to configure a program without getting into argument parsing. For example in Rails, you can say rails c test to open a console using the test environment, but env RAILS_ENV=test rails c should do the same thing.

Will Heroku ignore the .env file?

Our team is using foreman for development and .env files to preassign development ports to each piece of a service oriented application. It dramatically simplifies things for this file to just live with the repository as we are not doing any specific per-machine local configurations even though multiple docs seem to think this is a bad idea.
Does anybody know if Heroku will ignore these .env files automatically? What if they were added to .slugignore?
I setup a test app to try this out including a PORT=5005 in the .env file and then committing/deploying to Heroku. Heroku didn't seem to notice it was even there and no new config vars appeared when I checked heroku config.
You answered your own question, but just for confirmation: .env is entirely a Foreman construct, while Foreman and Heroku will make use of Procfile.
We actually wanted to be able to ensure consistent environments between local and Heroku deployments, so I wrote a python script to export .env up to Heroku.
In case others want to export .env to Heroku:
https://github.com/FinalsClub/karmaworld/blob/68f0f0340d7b6420e263cab648ff7de1ea851a0e/export_env_to_heroku.py

How does Sinatra know which environment to use?

I uploaded a Sinatra app to the server (heroku). But it seems like the app acts itself like it's at a localhost unlike my another Rails app which works well there.
So how do I check if my Sinatra app uses the correct environment or not? And how does Sinatra know which environment to use?
By nature heroku will take care of setting the environment. By default it's "production". In case you have different config/behavior for different use case, you would have to code that first.
For example
if ENV=="production"
# do something
elsif ENV=="staging"
# do something else
end
I am not sure why would you want to set environment explicitly to "production" or something else. That should be left at discretion of hosting environment.
Update
More info on Heroku documentation
Further update
heroku run printenv
above should list environment variables.
I add an environment variable to all my heroku instances:
heroku config:add APP_NAME=<myappname>
Then, for Sinatra, I have the following in the config.ru:
# detect environments and setup some passwords
case ENV['APP_NAME']
when 'prod-damon'
# whatever for production
when 'dev-damon'
# whatever for development on Heroku
else
# whatever for local
end

Resources