View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions help with rbenv vars and secrets - ubuntu, nginx, passenger, rails 4, rbenv
Log in to Ask a Question

help with rbenv vars and secrets - ubuntu, nginx, passenger, rails 4, rbenv

development

This may be a long shot, but I am struggling to figure out why I can't get this to work. I have just set up a Linode with Ubuntu 14 and the latest passenger, nginx, rails and rbenv, installed as the deploy user. I used capistrano to deploy an app to this server, creating symlinks to secrets.yml. Secrets.yml contains the following for running in production:

secretkeybase: <%= ENV["SECRETKEYBASE"] %>

secrettoken: <%= ENV["SECRETTOKEN"] %>

The rbenv-vars plugin is also installed, and I created .rbenv-vars file in appname/current/ which contains:

SECRETKEYBASE= SECRET_TOKEN= Theoretically, this should work, but it doesn't. When I enter the keys directly in secrets.yml, the app works. But when I reference .rbenv-vars as above, I get an error that the key base and token can't be found. Since rbenv was installed in the home of the deploy user, I recursively set the group of .rbenv to www-data. I have checked that running rbenv vars in appname/current returns the following:

export SECRETKEYBASE=''

export SECRET_TOKEN=' I can't figure out what I'm doing wrong and why passenger can't find these keys. Anyone on here have any idea what I didn't do right? Thanks so much for your help.

Robert

2 Replies

Rbenv works by adding a Bash startup script to /etc/profile.d/, which contains the code that sets up your $PATH and all the other niceties. This script (and all others in /etc/profile.d) is only loaded by Bash when Bash is invoked as a login shell, which is how you normally use Bash. However, the "nginx" process is launched as part of the init system. If the init system uses Bash at all (which is the case for System V scripts, but not systemd), then Bash isn't going to be invoked as a login shell, so those Rbenv files aren't going to read. Hence, the rbenv-vars code isn't going to be executed, and the environment variables aren't going to be set. Since passenger is spawned by nginx, it's not going to see those environment variables either.

The Passenger docs have a little more info on this: https://www.phusionpassenger.com/docume … _variables">https://www.phusionpassenger.com/documentation/Users%20guide%20Nginx.html#aboutenvironmentvariables

TL;DR: Environment variables are confusing

Well, I thought I had that base covered by adding env PATH; to the beginning of nginx.conf. I used that to solve a problem where passenger couldn't find a javascript runtime even though nodejs was installed. Thanks for pointing out that the correct way to do this now (as of passenger v5) is to use passengerenvvar instead (per passenger docs). By adding:

passengerenvvar PATH ;

to nginx.conf in the http section, passenger now uses nodejs and rbenv. I don't need env PATH; in nginx.conf at all. Thanks for helping me figure this out.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct