Skip to content

Commit f9f1b5c

Browse files
c00kiemon5terc00kiemon5ter
committed
Update documentation for ENV and ENVFILE yaml tags
Signed-off-by: Ivan Kanakarakis <[email protected]>
1 parent 67b9610 commit f9f1b5c

File tree

1 file changed

+28
-5
lines changed

1 file changed

+28
-5
lines changed

doc/README.md

Lines changed: 28 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -34,16 +34,39 @@ SATOSA is configured using YAML.
3434
All default configuration files, as well as an example WSGI application for the proxy, can be found
3535
in the [example directory](../example).
3636

37-
A configuration value that includes the tag !ENV will have a value of the form `SOME_ENVIRONMENT_VARIABLE`
38-
replaced with the value from the process environment variable of the same name. For example if the file
39-
`ldap_attribute_store.yaml' includes
37+
The default YAML syntax is extended to include the capability to resolve
38+
environment variables. The following tags are used to achieve this:
39+
40+
* The `!ENV` tag
41+
42+
The `!ENV` tag is followed by a string that denotes the environment variable
43+
name. It will be replaced by the value of the environment variable with the
44+
same name.
45+
46+
In the example below `LDAP_BIND_PASSWORD` will, at runtime, be replaced with
47+
the value from the process environment variable of the same name. If the
48+
process environment has been set with `LDAP_BIND_PASSWORD=secret_password` then
49+
the configuration value for `bind_password` will be `secret_password`.
4050

4151
```
4252
bind_password: !ENV LDAP_BIND_PASSWORD
4353
```
4454

45-
and the SATOSA process environment includes the environment variable `LDAP_BIND_PASSWORD` with
46-
value `my_password` then the configuration value for `bind_password` will be `my_password`.
55+
* The `!ENVFILE` tag
56+
57+
The `!ENVFILE` tag is followed by a string that denotes the environment
58+
variable name. It will be replaced by the value of the environment variable
59+
with the same name.
60+
61+
In the example below `LDAP_BIND_PASSWORD_FILE` will, at runtime, be replaced
62+
with the value from the process environment variable of the same name. If the
63+
process environment has been set with
64+
`LDAP_BIND_PASSWORD_FILE=/etc/satosa/secrets/ldap.txt` then the configuration
65+
value for `bind_password` will be `secret_password`.
66+
67+
```
68+
bind_password: !ENVFILE LDAP_BIND_PASSWORD_FILE
69+
```
4770

4871

4972
## <a name="proxy_conf" style="color:#000000">SATOSA proxy configuration</a>: `proxy_conf.yaml.example`

0 commit comments

Comments
 (0)