Hello everyone!

We have been investing plenty of personal time and energy for many years to share our knowledge with you all. However, we now need your help to keep this blog running. All you have to do is just click one of the adverts on the site, otherwise it will sadly be taken down due to hosting etc. costs. Thank you.

The best practise of using application secrets in production is to use environmental variables at system level. For example, exporting them in terminal or keeping them in Apache/Nginx configuration. However, if you want to keep them in .env file (not adviced for production but it is OK for development environment) you can follow this example. I am not going to go through setting up whole structure so you can read previous posts if you want to.


Application


Install The Dotenv Component with $ composer require symfony/dotenv command and create files below.


.env


APP_ENV=prod
APP_SECRET=123123

config/services.yaml


This is just for test purposes to see if our application can access to variables or not.



parameters:

services:
...

App\Controller\DefaultController:
tags: ['controller.service_arguments']
arguments:
$env: '%env(APP_ENV)%'
$secret: '%env(APP_SECRET)%'

Files below are capistrano related.


.gitattributes


/deploy export-ignore
Capfile export-ignore
Gemfile export-ignore
Gemfile.lock export-ignore

Gemfile


source 'https://rubygems.org'

gem 'capistrano', '~> 3.10'
gem 'capistrano-symfony', '~> 1.0.0.rc3'

Capfile


set :deploy_config_path, "deploy/deploy.rb"
set :stage_config_path, "deploy/stages"

require "capistrano/setup"
require "capistrano/deploy"
require "capistrano/symfony"
require "capistrano/scm/git"

install_plugin Capistrano::SCM::Git

# If you use rake files
Dir.glob('deploy/tasks/*.rake').each { |r| import r }

deploy/deploy.rb


# Locked capistrano version.
lock "3.10.2"

# The name of the application.
set :application, "api"

# The path on the remote server where the application will be deployed.
set :deploy_to, "/srv/www/#{fetch(:application)}"
set :tmp_dir, "/tmp/capistrano"

# The application repository.
set :repo_url, "git@github.com:inanzzz/api.git"

# Share files and folders between releases
set :linked_files, [".env"]
set :linked_dirs, ["var/logs"]

# Output styling.
set :format, :airbrussh

# Amount of releases to keep.
set :keep_releases, 5

# Asks branch to deploy.
ask :branch, `git rev-parse --abbrev-ref HEAD`.chomp

deploy/stages/production.rb


# The settings for remote servers to deploy at same time
server "192.168.99.60", user: "deployer", roles: %w{app db web}
server "192.168.99.70", user: "deployer", roles: %w{app db web}

Production servers


You can follow previous posts for details.



Deployment server


You can follow previous posts for details.