Using Environment Variables
It is possible to inject e.g. secrets from the environment variables into the configuration file, so the configuration file itself does not contain any confidential information. There are two ways to do this.
Name based replacement
The simplest is to just make an environment variable with the name of the entry to replace. The name of the environment variable should be upper case with _ separating each word.
An example to set the EncryptorMasterPassword
in the [Database]
section, set the environment variable:
export ENCRYPTOR_MASTER_PASSWORD="Password123!"
Placeholder based replacement
An alternative is to give a name to the environment variable in the configuration and tell the configuration system to replace it once read. In this instance the configuration for the database would look like this:
[Database]
EncryptorMasterPassword = "{{ env `INJECTED_PASSWORD` }}"
...
To set this entry and environment variable with that name need to be created:
export INJECTED_PASSWORD="Password123!"
Updated 6 months ago