11

I've defined some environment variables like APP_ENV in my /etc/environment file, on my ArchLinux.

If I type printenv, I see them.

I've created this simple test file called… test.php 

<?php

var_dump(getenv('APP_ENV'));
var_dump(getenv());

If I run php test.php, everything is OK, I see my ENV variables.

But when I try to access the file via HTTP… there is nothing in my env!

Of course, I've changed the config of /etc/php/php-fpm.d/www.conf to set clear_env = no

These are the affected lines:

; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
clear_env = no

And I've restarted both php-fpm and nginx services but… still nothing in my env. Script return bool(false).

So… Am I missing something ?

This is my php-fpm version:

php-fpm --version
PHP 7.2.6 (fpm-fcgi) (built: May 26 2018 07:45:18)
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

And my Nginx version

nginx -v
nginx version: nginx/1.14.0

What should I do to access my env variables in a PHP-FPM context ?

Thanks a lot!

chindit
  • 205

4 Answers4

9

You can set the environment variable in /etc/php/php-fpm.d/www.conf like this: env[APP_ENV] = development Then you'll be able to get it with getenv('APP_ENV') like you expected.

Jesús Bocanegra
  • 99
2

When you type printenv or php test.php, you see environnement variables because they exist.

When you "try to access the file via HTTP… there is nothing in [your] env". Exactly your environnement variables are not set.

Why would you expect a different behaviour? Files like /etc/environment, /etc/profile and /etc/bashrc are only sourced when you use a shell, not when a daemon is ran.

bgtvfr
  • 1,292
0

A possible workaround is to create a php file such as

<? $_SERVER['APP_ENV]='dev';

somewhere on disk, and have it included via php.ini setting auto_prepend_file. Not too clean, but it might help avoiding storing secrets in php-fpm config...

Rationale:

it seems the php documentation for fpm config is not very clear about how clear_env and env supposed to work in the pool config file.

In my own experience:

  • the environment variables which will be made available to the workers when clear_env = no are the ones for the user defined in the pool, which is generally not the root user
  • defining environment variables for that user in places such as .bashrc will not work, as the worker processes will not read the same environment configuration scripts as a shell does
  • it seems that, depending on how php-fpm is actually started (via an init.d script / systemd / direct invocation of the executable via f.e. a custom Docker CMD), the env variables might, or not, show up

Adding insult to injury, it is very hard to get the documented syntax env[APP_ENV] = $APP_ENV to work, so the only way to have a value show up is to harcode it in fpm pool configuration. But that might be not the best solution for all scenarios

gggeek
  • 141
0

I have worked out something in my production environment that should work. It is an extension of using the php-fpm config files to add environment variables. You can embed environment variables into that config file, so instead of putting secrets directly into the php-fpm config file, it acts as a filter.

[www]
env[HOSTNAME] = ${HOSTNAME}
env[MODE] = ${MODE}
php_admin_value[error_log] = /path/to/logs/PHP-${HOSTNAME}-error.log
Mike Wilmes
  • 1