[OpenSIPS-Users] Avoid plain text password in configuration files
Mickael Hubert
mickael at winlux.fr
Sat Jan 5 14:02:27 EST 2019
Hi all,
I'm looking for a way to avoid all plain text password into configuration
files.
maybe store sensibles data into secret file and read variables into
opensips configuration file ?
Ex:
*secret file:*
MYSQL_USER: opensips
MYSQL_PWD: 4845123121
...
*Configuration file:*
from:
modparam("drouting", "db_url",
"mysql://opensips:4845123121@1.1.1.1/opensips")
To:
modparam("drouting", "db_url",
"mysql://$MYSQL_USER:$MYSQL_PWD@$MYSQL_HOST/opensips")
Or
use Ansible with jinja template ?
modparam("drouting", "db_url",
"mysql://{{ MYSQL_USER }}:{{ MYSQL_PWD }}@{{ MYSQL_HOST }}/opensips")
The goal is push all configuration on our gitlab (without the "secret file")
Do you have another way ?
thanks in advance
PS: happy new year everyone !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20190105/778647b6/attachment.html>
More information about the Users
mailing list