Deploying a laravel project has missing .env file

@tdondich

Yes it is normal and it should be. The reason behind missing file is, when you create new Laravel project, it includes .gitignore file in the root directory of the project, where .env file lies.

in .gitignore file you can see that there is an entry of .env file, and hence git ignores it while commit.

The reason behind this is, .env file contains secret / sensitive data, e.g. database details, username, password etc. Hence for security reason also .env file should not be checked in.

Also while you are on local development, obviously environment should be of local while on production it should be for production.

Best practice is, creating .env file on the server itself. As far as your .gitignore file contains entry of .env, in future deploy also not override the file on the server

see more details in http://laravel.com/docs/5.1#environment-configuration

@tdondich i usually add my production value as the second parameter of my env() like:

 'key' => env('APP_KEY', 'SomeRandomString'),

@bimalshah72 i'm not sure why this is not a preferred approach than having another .env in server, can you enlighten us on this one?

@tdondich @TheHamsterOfGod

Usually all config files, e.g. app.php etc are checked in repository. Now if you change this file and checked in, it disturbs all developers file when they pull.

If you use .env file the you can pull your code directly on server, without worrying every time to change config file

also as per documentation ...

Feel free to modify your environment variables as needed for your own local server, as well as your production environment. However, your .env file should not be committed to your application's source control, since each developer / server using your application could require a different environment configuration.

@bimalshah72 sorry for me being quite stupid, i couldn't really get the point. I still don't understand why i should ship another .env with production values to my production server.

Usually all config files, e.g. app.php etc are checked in repository. Now if you change this file and checked in, it disturbs >all developers file when they pull.

If you use .env file the you can pull your code directly on server, without worrying every time to change config file

I have a project with another developer. Locally, we used .env so we have different configs, but we also add our production values to the second parameter of env() so we have just one value for our production, that way we dont have to add a .env to our productions server as it would detect the second parameter(default value) of env().

isn't the second parameter of env() should be used for production values?

isn't the second parameter of env() should be used for production values?

Not at all, it is for default values. The basic workflow is to exclude the .env from the version control system (usualy git).

Then on the first deploy you create a .env file with the production value. Then on next deploy this file will stay untouched as it is excluded from git.

@pmall thanks for the heads up, everything is quite clearer now. Just a clarification though, does it mean that production config values(like api keys, db passwords, etc etc) should not be visible in every config files in your /config? and also should not reach your git repo? or "touched" by git? and config files should always in .env file?

@TheHamsterOfGod do you really want everyone to have access to your api keys/db password by looking at your files in your github account ? ;)

@pmall i got private repo :3

Well, nobody store db password in git, it is kind of common practice.

@pmall ahh i see, i'm just super curious like a kid hehe thanks for the enlightenment. cheers!