[OpenSIPS-Users] Avoid plain text password in configuration files

vasilevalex alexei.vasilyev at gmail.com
Mon Jan 7 03:23:51 EST 2019


Hi Mickael,

I think most people keep configuration in git.

Just use m4.

Like this opensips_defs.m4:

divert(-1)
ifdef(`PRODUCTION_ENV', `define(`MYSQL_DB',`opensips')',
`define(`MYSQL_DB',`opensips_test')')

define(`MYSQL1_URL',           
`mysql://MYSQL_USER:MYSQL_PASSWD@MYSQL1_HOST/MYSQL_DB')
define(`MYSQL2_URL',           
`mysql://MYSQL_USER:MYSQL_PASSWD@MYSQL2_HOST/MYSQL_DB')
define(`MYSQL3_URL',           
`mysql://MYSQL_USER:MYSQL_PASSWD@MYSQL3_HOST/MYSQL_DB')
define(`MYSQL4_URL',           
`mysql://MYSQL_USER:MYSQL_PASSWD@MYSQL4_HOST/MYSQL_DB')
divert(0)dnl
include(`cfg/opensips_global.m4')
include(`cfg/opensips_modules.m4')
include(`cfg/opensips_routes.m4')

and in secret file opensips.m4 (which is not in git):

divert(-1)
define(`MYSQL_USER', `opensips')
define(`MYSQL_PASSWD', `password')
divert(0)dnl
include(`cfg/opensips_defs.m4')

And final config:

m4 opensips.m4 > opensips.cfg




-----
---
Alexey Vasilyev
--
Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html



More information about the Users mailing list