Using Environment Variables

It is possible to inject e.g. secrets from the environment variables into the configuration file, so the configuration file itself does not contain any confidential information. There are two ways to do this.

Name based replacement

The simplest is to just make an environment variable with the name of the entry to replace. The name of the environment variable should be upper case with _ separating each word.

An example to set the EncryptorMasterPassword in the [Database] section, set the environment variable:

export ENCRYPTOR_MASTER_PASSWORD="Password123!"

Placeholder based replacement

An alternative is to give a name to the environment variable in the configuration and tell the configuration system to replace it once read. In this instance the configuration for the database would look like this:

[Database]
EncryptorMasterPassword = "{{ env `INJECTED_PASSWORD` }}"
...

To set this entry and environment variable with that name need to be created:

export INJECTED_PASSWORD="Password123!"