How to hide nginx.conf authorization credentials?
Question
To explain quickly, I have an nginx server running within Docker, acting as a reverse proxy for my Flask web app. A part of my configuration is using proxy_set_header Authorization to pass some credentials into the proxy_pass website.
This all works fine - but, I want to push all this stuff to GitHub, and of course don't want want my creds, encoded or not, to show up.
What is my best option here? All I can think of is having something similar to dotenv, but for nginx.conf files rather than.py files.
Does anyone have any ideas on what I could to in order to pass my creds in but without hardcoding them explicitly in the config?
1 answers
solution1
0 2021-04-02 17:02:40
You can use another configuration file create Variables with NGINX using set and add this file to gitignore.
conf.d/creds.include
set $apiuser "user";
set $apipass "pass";
http://nginx.org/en/docs/http/ngx_http_rewrite_module.html#set
app.conf
server {
include conf.d/creds.include;
...
location / {
proxy_pass ...
proxy_set_header "Authorization: $apiuser:apipass"
}
}
You should mention this in the README of your repo that anybody know how to use it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.