How to Set Environment Variables Before Apache HTTPD Loads in CentOS/RHEL


2 views

When working with Apache HTTPD on CentOS/RHEL systems, many administrators encounter a frustrating sequence issue: environment variables defined in /etc/environment aren't available when Apache starts during boot. This happens because:

  • Apache (httpd) typically starts early in the boot process
  • /etc/environment is processed later by PAM (Pluggable Authentication Modules)
  • Environment variables set after Apache starts won't propagate to existing processes

Method 1: Using systemd EnvironmentFile

The most elegant solution for modern CentOS/RHEL 7+ systems:


# Create custom env file
sudo vi /etc/sysconfig/httpd-vars

# Add your variables (EXAMPLE)
API_KEY=production_12345
DB_HOST=dbcluster.internal

# Modify Apache service unit
sudo systemctl edit httpd.service

[Service]
EnvironmentFile=/etc/sysconfig/httpd-vars

This ensures variables load before Apache starts and persist through reboots.

Method 2: SELinux-Friendly /etc/sysconfig/httpd

For systems with strict SELinux policies:


# Edit the default httpd config file
sudo vi /etc/sysconfig/httpd

# Add exports at the top
export APP_ENV=production
export SECRET_KEY=$(cat /etc/secrets/key)

Note: This file is sourced by the httpd init script before launching Apache.

Method 3: Startup Script in /etc/profile.d

For systems where multiple services need these variables:


# Create a custom profile script
sudo vi /etc/profile.d/apache_vars.sh

# Contents (will affect all users)
#!/bin/bash
export REDIS_URL="redis://cache.internal:6379"
export S3_BUCKET="app-assets-$(hostname -s)"

For complex environments requiring runtime evaluation:


# /etc/sysconfig/httpd
export DB_CONNECTION="mysql://$(curl -s http://169.254.169.254/latest/meta-data/instance-id):${DB_PASSWORD}@db-primary.internal"

Remember to:

  • Set proper file permissions (chmod 600 for sensitive files)
  • Restart Apache after changes (systemctl restart httpd)
  • Verify variables exist in Apache processes (cat /proc/$(pgrep httpd | head -1)/environ | tr '\\0' '\\n')

If variables still don't appear:

  1. Check systemctl show httpd for Environment/EnvironmentFile entries
  2. Confirm no unset statements in any profile scripts
  3. Test variable availability with sudo -E httpd -S
  4. Inspect journal logs (journalctl -u httpd)

When configuring Apache (httpd) on CentOS, many sysadmins encounter a frustrating scenario: environment variables defined in /etc/environment aren't available during Apache initialization because the service starts before the environment file is processed. This breaks configurations relying on PassEnv directives.

The modern approach uses SystemD's service override capability. For Apache/httpd, create a dedicated environment file:

sudo mkdir -p /etc/systemd/system/httpd.service.d/
sudo tee /etc/systemd/system/httpd.service.d/environment.conf <<'EOF'
[Service]
EnvironmentFile=/etc/sysconfig/httpd-vars
EOF

Then populate your variables in /etc/sysconfig/httpd-vars:

# Example production variables
APP_ENV=production
DB_HOST=db-cluster.internal
AWS_REGION=us-west-2

After creating these files, run:

sudo systemctl daemon-reload
sudo systemctl restart httpd

Verify variables are available in Apache:

# In your Apache config
PassEnv APP_ENV DB_HOST AWS_REGION

# Test in PHP
<?php var_dump(getenv('APP_ENV')); ?>

For legacy systems using SysV init:

  1. Edit /etc/sysconfig/httpd directly
  2. Create wrapper scripts in /etc/profile.d/
  3. Use ~/.bashrc for user-specific testing (not production)

Remember that SystemD's method provides the most reliable persistence across reboots and service restarts.

  • Always check systemctl show httpd --property=Environment after changes
  • Use sudo grep -r "APP_ENV" /proc/$(pgrep httpd)/environ to verify process-level availability
  • For SELinux contexts: chcon system_u:object_r:systemd_unit_file_t:s0 /etc/systemd/system/httpd.service.d/environment.conf