[Bug] Can't seem to use environment variables override to config

[Banh-Canh]

Describe the bug INVIDIOUS_DB_HOST when set doesn't actually set the target db host It should: https://github.com/iv-org/invidious/pull/1702

the code doesn't seem to have changed since then, so i can only assume it never worked ? I need these override env vars to work to hide the postgres password in kubernetes.

[Fijxu]

INVIDIOUS_DB_HOST does not exists on Invidious code. You can instead use the INVIDIOUS_CONFIG env variable to set the configuration plus an external hidden .env file where all the secrets are stored. I don't know if kubernetes is able to do that, but docker compose can. Here is an example: https://git.nadeko.net/Fijxu/docker-compose-configs/src/branch/master/invidious/invidious/docker-compose.yml#L26

[Banh-Canh]

INVIDIOUS_DB_HOST does not exists on Invidious code. You can instead use the INVIDIOUS_CONFIG env variable to set the configuration plus an external hidden .env file where all the secrets are stored. I don't know if kubernetes is able to do that, but docker compose can. Here is an example: https://git.nadeko.net/Fijxu/docker-compose-configs/src/branch/master/invidious/invidious/docker-compose.yml#L26

I know about the .env. But even then, it's really bad practice to then hide the full config when I only want to hide as a kubernetes secrets/docker secret one value. It's not too flexible this way..

I linked the PR in my opening post, i'm not versed in this language so I can't tell for sure but it did claim to allow configuring Invidious with environment variables. But in practice it didn't work so, the code out there seems dead :/

[SamantazFox]

The environment variables are automatically generated from the names in config.yml, for instance https_only becomes INVIDIOUS_HTTPS_ONLY. Howerver, it only applies to the first level of config options (INVIDIOUS_DB_HOST does NOT set db:host).

To provide only the database settings using environment variables, you can either pass the full database URL as a string, like so (don't forget to URL encode your username/password if needed):

environment:
  INVIDIOUS_DATABASE_URL: "postgres://user:pass@localhost:5432/invidious"

or pass the db sub-section as YAML, like you'd do with INVIDIOUS_CONFIG:

environment:
  INVIDIOUS_DB: |
    user: kemal
    password: kemal
    host: localhost
    port: 5432
    dbname: invidious

[Banh-Canh]

I see, i'd like to say that it is not ideal as I would have to store all of the db variables in one secret. I'm hiding them in an hashicorp Vault and it makes it not too confortable.

        - command: ['/bin/sh']
          args:
            - -c
            - |
              export INVIDIOUS_CONFIG=$(echo "$INVIDIOUS_CONFIG" | sed \
                -e "s/__dbname/$INVIDIOUS_DB_DBNAME/" \
                -e "s/__user/$INVIDIOUS_DB_USER/" \
                -e "s/__password/$INVIDIOUS_DB_PASSWORD/" \
                -e "s/__host/$INVIDIOUS_DB_HOST/" \
                -e "s/__hmac_key/$INVIDIOUS_HMAC_KEY/")
              exec /invidious/invidious
          env:
            - name: INVIDIOUS_CONFIG
              value: |
                db:
                  dbname: __dbname
                  user: __user
                  password: __password
                  host: __host
                  port: 5432
                check_tables: true
                hmac_key: __hmac_key
                channel_threads: 4
                feed_threads: 4
                pool_size: 2000
                captcha_enabled: false
                disable_proxy: false
                default_user_preferences:
                  local: true
                  quality: dash
                  quality_dash: auto

anyway i resorted to this to work around all this. I'll close though since INVIDIOUS_DATABASE_URL seems to be the intended way. thanks for your reply