The best practise of using application secrets in production is to use environmental variables at system level. For example, exporting them in terminal or keeping them in Apache/Nginx configuration. However, if you want to keep them in .env file (not adviced for production but it is OK for development environment) you can follow this example. I am not going to go through setting up whole structure so you can read previous posts if you want to.


Install The Dotenv Component with $ composer require symfony/dotenv command and create files below.




This is just for test purposes to see if our application can access to variables or not.



tags: ['controller.service_arguments']
$env: '%env(APP_ENV)%'
$secret: '%env(APP_SECRET)%'

Files below are capistrano related.


/deploy export-ignore
Capfile export-ignore
Gemfile export-ignore
Gemfile.lock export-ignore


source ''

gem 'capistrano', '~> 3.10'
gem 'capistrano-symfony', '~> 1.0.0.rc3'


set :deploy_config_path, "deploy/deploy.rb"
set :stage_config_path, "deploy/stages"

require "capistrano/setup"
require "capistrano/deploy"
require "capistrano/symfony"
require "capistrano/scm/git"

install_plugin Capistrano::SCM::Git

# If you use rake files
Dir.glob('deploy/tasks/*.rake').each { |r| import r }


# Locked capistrano version.
lock "3.10.2"

# The name of the application.
set :application, "api"

# The path on the remote server where the application will be deployed.
set :deploy_to, "/srv/www/#{fetch(:application)}"
set :tmp_dir, "/tmp/capistrano"

# The application repository.
set :repo_url, ""

# Share files and folders between releases
set :linked_files, [".env"]
set :linked_dirs, ["var/logs"]

# Output styling.
set :format, :airbrussh

# Amount of releases to keep.
set :keep_releases, 5

# Asks branch to deploy.
ask :branch, `git rev-parse --abbrev-ref HEAD`.chomp


# The settings for remote servers to deploy at same time
server "", user: "deployer", roles: %w{app db web}
server "", user: "deployer", roles: %w{app db web}

Production servers

You can follow previous posts for details.

Deployment server

You can follow previous posts for details.