I added those rows to /home/web/.bash_profile. The web is the user of Rails app.
SECRET_KEY_BASE=xxxxxxxxxxxxxxxxxxxxx
export SECRET_KEY_BASE
I added this row into /etc/sudoers.
Defaults env_keep += "SECRET_KEY_BASE"
This command returns expected result.
sudo ruby -e 'puts ENV["SECRET_KEY_BASE"]'
If I run Unicorn without God, it can find SECRET_KEY_BASE from environment, and performs normally.
bundle exec unicorn_rails -c config/unicorn.rb -E production -D
Running Unicorn using sudo without God performs normally, too.
sudo bundle exec unicorn_rails -c config/unicorn.rb -E production -D
But when I run Unicorn with God using sudo, it failed to find SECRET_KEY_BASE and becomes error.
sudo god start my_app
The start command in the my_app.god is this.
God.watch do |w|
w.start = "cd #{rails_root} && bundle exec unicorn_rails -c config/unicorn.rb -E #{rails_env} -D"
w.uid = 'web'
w.gid = 'web'
...
end
It seems that the problem exists around God rather than .bash_profile and Unicorn. Besides what should I try?
I added this line into the my_app.god
ENV["SECRET_KEY_BASE"] = 'xxxxxxxxxxxxxxxxxxxxxxxx'
I know that this isn't a cool solution, but it works. And SECRET_KEY_BASE isn't included in a Git repository as source code.