-
-
Notifications
You must be signed in to change notification settings - Fork 436
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support environment variables in config #1156
Comments
Per environment variable... This isn't really possible as there are so many tokens (or even people's passwords) the have A change like this could break many configurations. Per having a secrets file, that's a good idea. The only thing is that you can A similar request is here. Thoughts? |
Yeah i see the issue with $ being in people secrets and having erroneous swaps. An option may be to have a yaml object in the tree specifically for variables and then a syntax for using those variables elsewhere. its unlikely a user will both map a variable name and then have that variable name in the secret and not want it replaced. An alternative might be to support a secrets config file that can take strings, env vars or file paths, and can be used in the main file. Sort of like how the aws cli does it. Either approach would de-secret the config file enabling it to be shared, version controlled, etc. Re files, in cicd and other infra systems its one of the common approaches. IE in Gitlab Secrets management its a flag whether to have the secret injected as an env var or as a temp file. So it creates a file per secret. The file per secret approach is arguably 'better', files have permissions, dont get dumped out in env dumps, can log access, can hold large amounts of data and dont need handling around special chars etc, are expected as files sometimes like ssh keys etc. I agree that most of the config file at the moment is indeed just secret storage as it is. I could see a future where the config expands to support things like templates, defaults, etc. But even if the config is slim, theres value in separating implementation (uris) and data (secrets). As it is currently, the config file itself is essentially just one big secret. |
💡 Support environment variables in config
The configuration file is in essence a list of apprise uri's, which include secrets. I have dug through the docs a fair bit so forgive me if this is already possible, but it would be good if we could specify environment variables in the config for the secrets. Alternatively a way of specifying yaml variables or other interpolation so that a file can be built on demand and included that includes the secrets.
Theres envsubst as an approach but internal tool support would be good.
Another common approach is to have secrets in individual files, this would be more complicated to natively support.
ie
🔨 Breaking Feature
This wouldnt break anything in terms of compatibility.
The text was updated successfully, but these errors were encountered: