shell - How to use environment variables with supervisor, gunicorn and django (1.6)

Question

I want to configure supervisor to control gunicorn in my django 1.6 project using an environment variable for SECRET_KEY.

I set my secret key in .bashrc as

export SECRET_KEY=[my_secret_key] 

And I have a shell script to start gunicorn:

NAME="myproject"
LOGFILE=/home/django/myproject/log/gunicorn.log
LOGDIR=$(dirname $LOGFILE)
NUM_WORKERS=3
DJANGO_WSGI_MODULE=myproject.wsgi

USER=django
GROUP=django
IP=0.0.0.0
PORT=8001

echo "Starting $NAME"

cd /home/django/myproject/myproject
source /home/django/.virtualenvs/myproject/bin/activate

test -d $LOGDIR || mkdir -p $LOGDIR

exec gunicorn ${DJANGO_WSGI_MODULE} 
 --name $NAME 
 --workers $NUM_WORKERS 
 --user=$USER --group=$GROUP 
 --log-level=debug 
 --bind=$IP:$PORT
 --log-file=$LOGFILE 2>>$LOGFILE

Then to configure my project's gunicorn server in supervisor:

[program:my_django_project]
directory=/home/django/my_django_project/my_django_project
command=/home/django/my_django_project/my_django_project/gunicorn.sh
user=django
autostart=true
autorestart=true
stdout_logfile=/home/django/my_django_project/log/supervisord.log
stderr_logfile=/home/django/my_django_project/log/supervisor_error.log

If I start gunicorn using my shell script it doesn't throw any error but when I start it with supervisor it fails and I see in the logs that it doesn't "find" my SECRET_KEY.

What's the correct way to configure supervisor to read my shell variables (I wan't to keep them in my .bashrc unless there's a more appropriate way)?

Answer 1

OK, I guess I got it.

I had tried including

environment=SECRET_KEY="secret_key_with_non_alphanumeric_chars"

in the conf file for supervisor but it didn't like the non alphanumeric chars and I didn't want to have my key in the conf file as I have it in git.

After loking at supervisor's docs I had also tried with:

HOME="/home/django", USER="django"

but didn't work.

Finally I tried with this and is working now!:

environment=HOME="/home/django", USER="django", SECRET_KEY=$SECRET_KEY

Maybe although it's working it's not the best solution. I'd be happy to learn more.

EDIT:

Finally, Ewan made me see that using the bash for setting the env vars wouldn't be the best option. So one solution, as pointed by #Ewan, would be to use:

[program:my_project]
...
environment=SECRET_KEY="secret_key_avoiding_%_chars"

Another solution I found, for those using virtualenv would be to export the env vars in the "activate" script of the virtualenv, that is, edit your virtualenv/bin/activate file and add at the end your SECRET_KEY.

This way you can use % chars as generated by key generators for django and is valid if you don't use supervisor.

I restarted my server without logging to check that it worked. With this option I don't have to edit my keys, I can keep my conf files versioned and it works whether I use supervisor, upstart or whatever (or nothing, just gunicorn).

Anyway, I know I haven't discovered anything new (well @Ewan raised an issue with supervisor) but I'm learning things and hope this can be useful to someone else.