Open artemislena opened 2 years ago
The environment variable approach would be very good from my perspective. I have been trying to run nitter on Fly.io this morning and there doesn’t seem to be a secure way of providing a nitter.conf
to an image.
L: I'm thinking of something like environment variables (that override the default config) or a secondary config file (passed via a command line flag, e.g.
--extra-config /etc/nitter_secrets.conf
) here. The reason for this being useful is that the config file may contain secrets (such as the HMAC key), but you might still want to publish the non-secret parts of it. As for environment variables, the mapping might be something likeNITTER_[Section]_[Variable]
, e.g.NITTER_Config_hmacKey
(though all upper-case, i.e.NITTER_CONFIG_HMACKEY
would probably be even better). Alternatively, some special placeholder format in the config that makes it get it from an environment variable instead would work, too (e.g.to get it from the
NITTER_HMAC
environment variable).Edit: Oh, there's also the Redis password, which should be secret too, I guess, and of course there might be other secrets in the future, so uh, it would be best if this was implemented so it could be used for any config variable.