Is it wrong to put env variables in the express server file ? is it going to be seen by any one?
env variables in server file
You should include it in gitignore file so no one gets the repo has access to env variables, also if you are using docker make sure to let it know about your env files when you deploy it as a service,
in case you are using cloud for hosting, include the env variables into the service configurations that way the info in the env file won't be exposed
you should create an env file and put it in gitgnore so that in production you variables can not be exposed.This make env file not to be exposed on version control like git, but you will have to define those env variables in your third party hosting service provider.
Related
Amplify provides some env vars available during build like AWS_BRANCH_ARN
I want to get them into my app like REACT_APP_ AWS_BRANCH_ARN
But I'm not sure the best practice for doing that... a pre-deploy script that can grab them from the built environment and add them to a .env file?
NOTE: these are not my own custom vars that I could enter via the AWS amplify console, they're amplify-provided vars
CONTEXT: we use PR previews, and I want to automatically have a good env var to get the PR number (used to figure out the backend API URL).
See Amplify Console environment variables:
https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html
We have build nuxt js multi tenancy web site. Now we want to fetch environment variable by domain for ex. We have 5 domain as below.
Note: We have used same source code for all domain.
test1.com
test2.com
test3.com
test4.com
test5.com
So for this if i open test2.com then it should consider my test2.env or if i open test5.com then it should consider test5.com.
But the main problem is we have dynamic web side so any user will create his own website from our platform. So how can we create dynamic env file for web site and how to access that dynamically created env file
You should not try to reach a specific file but configure your environment to serve the proper variables. Either in a static way or dynamically.
Otherwise, if you really need to specify a new directory or filename, you can use this solution when launching your app.
yarn dev --dotenv variables/.env_file
I want to use the configuration setup for my .NET Core Web API. I installed the Microsoft.Extensions.Configuration package for the DI container.
First of all I have 4 config files
appsettings.json
Whenever all three environments use the same config value, this is the file where to put it
appsettings.Development.json
Basic config values for development purposes only. E.g. database connection points to localhost and token secret is "secret", example:
.
{
"Database": {
"ConnectionString": "Server=localhost;Port=3306;Database=db;Uid=root;Pwd=admin;Pooling=true;"
}
}
appsettings.Staging.json
Almost the same as the development file
appsettings.Production.json
Things are different here. I can't put sensitive information to that file, e.g. token secret. These values should come from the environment variable
So in my code I can access the config values via dependency injection
public class MyClass
{
public MyClass(IConfiguration configuration)
{
string databaseConnectionString = configuration["Database:ConnectionString"];
}
}
but what if the code runs in production mode? The information doesn't exist in the production file so I would have to read from the environment variables.
Would I have to create an environment variable called Database:ConnectionString and .NET Core maps all the system environment variables into the configuration file during startup if they don't exist? Or how would I pass in sensitive data to the configuration?
With the default builder, ASP.NET Core will load the configuration from multiple sources, where later sources have the chance to overwrite earlier ones. The default sources in non-development environments are the following:
General JSON configuration from appsettings.json
Environment-specific JSON configuration from appsettings.<Environment>.json
Environment variables, e.g. ConnectionStrings:DefaultConnection or ConnectionStrings__DefaultConnection (both map to the same configuration path)
Command-line arguments
So you have the ability to overwrite the configuration from the JSON files by default using both environment variables and command line arguments.
When it comes to production use, there are also other means to protect the secrets. For example, you could simply edit the appsettings.Production.json during deployment, so that the values will never leave the machine itself.
There are several solutions for this. But obviously you want to keep things such as connection strings away from version controlled files.
If running locally i would sugest using the user secrets functionality in visual studio.
However you can also set environment variables from the cli. This is an example from the documentation about configuration:
set MyKey="My key from Environment"
set Position__Title=Environment_Editor
set Position__Name=Environment_Rick
dotnet run
Of course when running in azure the key vault is a good place to put these kinds of secrets and also has great integration into .Net.
I tried to set up sensitive information as environment variables in CentOS, and pass them to Flask config file used in main file, i.e. init.py . But it did not work. The Flask application is running under Apache.
I first edit /etc/environment as root user
MAIL_USERNAME="abcde#abc.com"
then logout, login again
Then verify MAIL_USERNAME is set by running
echo $MAIL_USERNAME
This works fine
And in configuration.py, this is how I set MAIL_USERNAME.
MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
for testing purpose,
I print out MAIL_USERNAME
in __init__.py
print(MAIL_USERNAME)
Then from terminal, if I run
python3.4 __init__.py
it print out correct values of MAIL_USERNAME
However, if I tested on web browser, MAIL_USERNAME is just not set. it shows NONE. I verify this by looking Apache log.
Any idea of how this works would be really appreciated.
Thanks
With your CLI, set the environment variable as you want. On Linux and macOS, this is done with export KEY=value.
After that, the environment variable KEY will be available for your Python script or Flask app via os.environ.get('KEY'), like this:
import os
print os.environ.get('key')
>>> value
I had a very similar problem because I used PyCharm terminal to run flask. A similar issue was described and solved here.
My solution was switching to regular cmd (I worked on Windows 10) and just running everything there:
>> set MAIL_USERNAME='bla#example.com'
... (other env variables sets)
>> py manage.py runserver (I run my flask app through a manage script)
I could successfully send an email using my flask app - all the environment variables used in the app were read correctly.
On Linux you can just use export instead of set.
I hope it helps.
Maybe you can use Apache directive PassEnv as mentioned here on Apache's official web documenting how to use environment variables.
There are two kinds of environment variables that affect the Apache HTTP Server.
First, there are the environment variables controlled by the underlying
operating system. These are set before the server starts. They can be used in
expansions in configuration files, and can optionally be passed to CGI scripts
and SSI using the PassEnv directive.
Second, the Apache HTTP Server provides a mechanism for storing information
in named variables that are also called environment variables. This information
can be used to control various operations such as logging or access control.
The variables are also used as a mechanism to communicate with external programs
such as CGI scripts. This document discusses different ways to manipulate and
use these variables.
Although these variables are referred to as environment variables, they are
not the same as the environment variables controlled by the underlying
operating system. Instead, these variables are stored and manipulated in an
internal Apache structure. They only become actual operating system environment
variables when they are provided to CGI scripts and Server Side Include scripts.
If you wish to manipulate the operating system environment under which the server
itself runs, you must use the standard environment manipulation mechanisms
provided by your operating system shell.
I make some of the text cited above bold to make things clearer and maybe easier to explain.
Hope this helps.
I need to set some environment variables programmatically before my rubber instances start the webserver. I've set the environment variables in the config/rubber/common/rubber.profile file. When I ssh into the instance, the Env variables are set properly and if I run the Rails console the variables are loaded in the environment. However, the webserver appears to be loaded prior to the env variables being set. The apis fail on the web server due to the initializers having blank ENV vars. How do I make sure that Rubber sets the bash profile prior to starting the web server?