[Feature Request] Allow variables in config file about homepage HOT 6 CLOSED

Yes this would greatly facilitate saving the config file in git.

from homepage.

@JazzFisch @shamoon I'm considering a simple substitution of environment variables into the configs as they are loaded, but for security reasons, limiting it to environment variables that start with "HOMEPAGE_". For example:

- Media:
  - Jellyfin:
      icon: jellyfin.png
      href: https://jellyfin.mydomain.tld
      description: Static Video Entertainment
      app: jellyfin
      namespace: media
      widget:
        type: jellyfin
        url: https://jellyfin.int.wynning.tech
        key: {{HOMEPAGE_JELLYFIN_APIKEY}}

Then the HOMEPAGE_JELLYFIN_APIKEY env var could be set either directly as an environment variable, or populated from a Kubernetes secret. I don't love the simple string replacement approach, but the only practical alternatives I saw were to use a full templating library and that feels like gross overkill for the need.

from homepage.

With this approach, no. Perhaps I could expand the solution with an additional prefix for file-based secrets. We could support the "HOMEPAGE_" prefix for direct values and "HOMEPAGEFILE_" prefix for secrets stored in files. So at runtime it would read the file contents from the specified file and substitute it in just as it would for normal variables.

from homepage.

I believe something like this could work, and would tie into the other feature request for configuration via labels. I'll add this to the list of future enhancements.

from homepage.

Just to clarify, currently docker secrets cannot be used in the yaml config files?

I attempted using docker secrets and it appears that the container reads the secret correctly but I cannot get it working with the config files. Hiding passwords and api keys from plain-text would be a much appreciated addition to this project. Thank you!

from homepage.

An alternative could be to extend the variables themselves. For instance, the widgets' "key" field could also have "key-var" and "key-file" which would map to an environment variable and a file respectively. We would need to do the same for credentials in other locations as well. This would be a less flexible approach, but would address the primary concern of storing credentials more securely.

from homepage.