2

I need to be able to share ENV variables between multiple linux servers. These variables are used by my application. I'd like to keep these variables in sync between all servers.

Application deployment is currently handled by Capistrano. Unfortunately I can't simply store the variables in the cap recipe as they contain sensitive data and I do not want to commit them to my repos unencrypted.

One idea I had was to create an encrypted repos using git-encrypt, store the data there and then somehow thru Capistrano or Chef check-out the repos during application deployment, unencrypted and source the ENV variables in each of the application servers.

I am wondering if anybody else has solved this before.

brupm
  • 121
  • 3
  • I've seen this handled in a hodgepodge of different ways, from Puppet ENCs all the way to variables stored in Zookeeper... – Joel E Salas Feb 14 '14 at 00:39

1 Answers1

0

For my AWS based setup I use user input for server rollout scripts, some logic to calculate/decide env variables and write them in /etc/environment file when I roll out the box.

This way I don't have to store the variables in any repo, their value is calculated when the server is rolled out and is immutable till server's lifetime(I can always SSH and change them but that's not the ideal way). Also all the servers of a type will always have same Env variables so I don't have to worry about syncing them (in my case these Env variables are not supposed to be changing)

APZ
  • 954
  • 2
  • 12
  • 24
  • I am not using AWS. And requiring the user to enter 10-20 vars each time is less then ideal. Thx – brupm Feb 14 '14 at 01:03