On Sat, Jul 21, 2018 at 05:44:44PM +0100, Jonathan Matthews wrote:
> No. Sudo doesn't pass envvars through to its children by default:
> https://stackoverflow.com/questions/8633461/how-to-keep-environment-variables-when-using-sudo
>
> Read that page *and* the comments - in particular be aware that you have to
> request (at the CLI) that sudo preserve envvars, and you also have to have
> been granted permission to do this, via the sudoers config file.
>
> If this is all sounding a bit complicated, that's because it is.
>
> You've chosen a relatively uncommon way of running haproxy - directly, via
> sudo. Consider running via an init script or systemd unit (?) or, failing
> that, just a script which is itself the sudo target, which sets the envvars
> in the privileged environment.
Also, something that people don't necessarily know is that haproxy can
set its own variables using "setenv" in the global sections. Some will
say this is stupid since you're going to use them in the same config,
but when you add to this the fact that we can load multiple files, it
becomes more obvious that it easily allows to parse an environment file
first made of a global section with a few variables, then the regular
(possibly shared) config. Typically it would do something like this :
$ cat /etc/haproxy/env.cfg
global
setenv GRAPH_ADDRESS graph.server.com
setenv GRAPH_PORT 8182
$ sudo haproxy -D -f /etc/haproxy/env.cfg -f /etc/haproxy/haproxy.cfg
Hoping this helps,
Willy
