Setting and Getting Environment Variables in Python
Environment variables are useful when you want to avoid hard-coding access credentials or other variables into code. Also use environment variables if you need your code to function differently between development, staging, and production environments.
Store environment variables in a .env file as global constants (ALL CAPS) and access them using Python’s dotenv module. If you use Git, remember to add .env to your .gitignore file so you don't commit this file of secrets to your Git repository. You apparently do not need quotes for your string values.
In your code, you can create a .env.example file as a template for the environment variables, with the same parameter keys but without the sensitive values, e.g.:
# DB
DB_USER=
DB_PASSWORD=
# Cloud Public URL
CLOUD_URL=192.168.1.1B
Then push the .env.example file to the Git repo.
Should a .env file be used in a production environment? Some sources (see below) state that you should use the file in development to test, but it is not recommended to deploy a .env file to the production environment. Production configuration and secrets should/could be stored directly in the server environment, in an /etc/environment file, or via the cloud service's console. Cloud service providers also provide secret storage services for encryption credentials and configuration endpoints, such as AWS Systems Manager Parameter Store, Azure Key Vault, and Google Cloud Secret Manager.
I did see a post recently on Medium (referenced below) which discusses searching for environmental secret variables on Google.
To search for public .env files, all you need to do is google one of these terms:
DB_USERNAME filetype:env
APP_DEBUG filetype:env
DB_PASSWORD filetype:env
The reason these .env files are accessible and can be scraped comes down to two things: 1) misconfigured file hosting and 2) the .env file having the wrong access rights. On shared hosting, make sure your root folder is not accessible from the outside; only the "public" folder should be accessible from the internet. Set your .env file access rights to 400 or 440 so that it cannot be accessed by public users.
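The rules above (mode 400 or 440 on .env, .env listed in .gitignore, no secret values in .env.example) can be checked before each deploy or commit. The following is an added example, not code from the original post; the function names, the default secret key list, and the sample project directory are constructed for illustration, and the .gitignore check only looks for an exact ".env" entry.

```python
import os
import stat
import tempfile
from pathlib import Path

ALLOWED_MODES = {0o400, 0o440}  # the modes the article recommends for .env


def read_pairs(path):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    lines = [ln.strip() for ln in Path(path).read_text().splitlines()]
    return dict(ln.split("=", 1) for ln in lines if "=" in ln and not ln.startswith("#"))


def audit_env(project_dir, secret_keys=("DB_PASSWORD",)):
    """Return findings for the .env handling rules described in the article."""
    root, findings = Path(project_dir), []
    env_file, gitignore, example = root / ".env", root / ".gitignore", root / ".env.example"
    if env_file.exists():
        mode = stat.S_IMODE(env_file.stat().st_mode)  # permission bits only
        if mode not in ALLOWED_MODES:
            findings.append(f".env mode is {mode:o}, expected 400 or 440")
    ignored = gitignore.read_text().split() if gitignore.exists() else []
    if ".env" not in ignored:  # exact ".env" entry only, no pattern matching
        findings.append(".env is not listed in .gitignore")
    if example.exists():
        for key, value in read_pairs(example).items():
            if key in secret_keys and value.strip():
                findings.append(f".env.example has a value for {key}")
    return findings


def demo():
    """Audit a constructed project directory before and after fixing it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / ".env").write_text("DB_USER=app\nDB_PASSWORD=constructed-value\n")
        os.chmod(root / ".env", 0o644)  # world-readable: the misconfiguration
        (root / ".env.example").write_text("# DB\nDB_USER=\nDB_PASSWORD=constructed-value\n")
        before = audit_env(root)
        os.chmod(root / ".env", 0o400)
        (root / ".gitignore").write_text(".env\n")
        (root / ".env.example").write_text("# DB\nDB_USER=\nDB_PASSWORD=\n")
        return before, audit_env(root)


if __name__ == "__main__":
    print(demo())
```

An empty list from audit_env means all three checks passed; the function can be called from a pre-commit hook or a deploy script with the project root as its argument.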
The intent of all this was to upload a .env file with my previous Python script that gathered my book reading information from my MongoDB and allow individuals to generate the HTML to see what I’ve read, BUT I realized that I can just generate the HTML myself and post the link to the HTML. So here is the link to books I’ve read recently with a semi coherent, semi short summary of the book so I can remember what the book was about since I’m old :)
I do plan on updating the code because the formatting is not the best.