1

OS: Ubuntu 20.04 LTS

I am attempting to deploy a web app using Keter, the app depends upon several environment variables which I seem to be struggling to make available.

For reference I've been using this resource from the Ubuntu community to try and solve the problem.

I added the environment variables to /etc/environment, the file looks like this:

PATH=...
MY_VAR="something"
MY_VAR2="something-else"

Running echo $MY_VAR correctly prints something.

I read in the aforementioned resource that environment variables are "unbound" when using sudo. When using top I can see that the keter process runs as root so I thought this might be the issue so I followed the instructions using sudo visudo to alter /etc/sudoers. I added the line Defaults env_keep += "MY_VAR MY_VAR2" to the bottom of the file.

I rebooted the server to make sure everything got re-read and can confirm that echo $MY_VAR and sudo echo $MY_VAR both produce the correct result.

Unfortunately this seems to have had no effect on the web app as the log still shows the following error: my-app: MY_VAR: getEnv: does not exist (no environment variable).

In my project's keter.yml file I have the following lines in my stanza:

forward-env:
  - MY_VAR
  - MY_VAR2

Any advice on how to get this working would be much appreciated!

James Burton
  • 746
  • 3
  • 12
  • 1
    With `sudo echo $MY_VAR`, the shell expands the env variable *before* anything is executed as root. So this cannot test if the env var is available for root. Try this instead: `sudo bash -c 'echo $MY_VAR'` – schoettl Apr 23 '21 at 08:00
  • @schoettl Thanks for that insight. I can confirm that the line you proposed still produces the expected result. – James Burton Apr 23 '21 at 17:17

1 Answers1

1

It looks like Keter has a poorly documented env: YAML setting to provide environment variable settings to apps, so instead of forwarding them, try setting them. In keter.yml, put:

env:
  MY_VAR: "something"
  MY_VAR2: "something-else"

and get rid of the forward-env: setting entirely.

Or, this can be put in the global /opt/keter/etc/keter-config.yaml file instead, where it will specify environment variables to be passed to all apps.

K. A. Buhr
  • 45,621
  • 3
  • 45
  • 71
  • I'm aware of the `env` setting, I use this for things that I'm happy to have stored in version control, things like the path to a directory for storing uploaded images etc. The problem is the vars which I'm trying to forward in my question are things like API secrets which I do not want in version control so adding them under `env` wouldn't be appropriate. Your suggestion about putting them in the global config file instead works so I'm running with that for now although I'm still confused about why my initial approach didn't work. Thanks! – James Burton Apr 23 '21 at 19:58
  • 1
    Well, if you use the recommended install script, Keter is installed as a systemd service (you should have an `/etc/systemd/system/keter.service` file). Systemd doesn't use `sudo`, so anything about that is irrelevant; and systemd doesn't use `/etc/environment`, so that wouldn't work either. See [here](https://serverfault.com/questions/413397/how-to-set-environment-variable-in-systemd-service) for how to set env vars for systemd services. – K. A. Buhr Apr 24 '21 at 15:48
  • Ah, I had no idea that `systemd` services worked in that way. As you can probably tell, I'm not massively experienced when it comes to server admin type stuff. Thanks for the help! – James Burton Apr 24 '21 at 17:22