Config file syntax: secrets from file in key=value
Hi!
I'd like to set up proxy authentication. This works fine, but I cannot get the passwords in to be read from file.
Specifically I have this passdb block.
passdb { driver = passwd-file mechanisms = plain scram-sha-256 default_fields = proxy=y host=dovecot-backend master=imapc-master-user proxy_mech=plain pass=</run/secrets/dovecot.imapc-master-user/password args = /run/secrets/dovecot.generated.app-passwd-file/passwd }
This sets the password to the string /run/secrets/dovecot.imapc-master-user/password. I'd like the password to be set to the content of said file.
Is it possible to get the password from a file or less desirable from the environment? Reading https://doc.dovecot.org/configuration_manual/config_file/ I assume it's not.
Cheers, Tobias Florek
On 06/09/2022 16:31 EEST Tobias Florek <dovecot@ibotty.net> wrote:
Hi!
I'd like to set up proxy authentication. This works fine, but I cannot get the passwords in to be read from file.
Specifically I have this passdb block.
passdb { driver = passwd-file mechanisms = plain scram-sha-256 default_fields = proxy=y host=dovecot-backend master=imapc-master-user proxy_mech=plain pass=</run/secrets/dovecot.imapc-master-user/password args = /run/secrets/dovecot.generated.app-passwd-file/passwd }
This sets the password to the string /run/secrets/dovecot.imapc-master-user/password. I'd like the password to be set to the content of said file.
Is it possible to get the password from a file or less desirable from the environment? Reading https://doc.dovecot.org/configuration_manual/config_file/ I assume it's not.
Cheers, Tobias Florek
You can use $ENV:variable syntax with Dovecot v2.3.14+. The environment variable needs to be listed in import_environment
setting and be available for dovecot process on startup.
It's enough to just mention the variable in import_environment, it does not need to be assigned there.
Aki
Hi Aki!
You can use $ENV:variable syntax with Dovecot v2.3.14+. The environment variable needs to be listed in
import_environment
setting and be available for dovecot process on startup.
Thank you for your answer. I will test it tomorrow.
I thought it was not supported because I interpreted
Expansion only works when it’s surrounded by spaces.
as it not being able to use for e.g.
default_fields = pass=$ENV:MY_ENV_VARIABLE
If it does indeed work I will submit a pull request clarifying the documentation.
Cheers, Tob
On September 6, 2022 10:35:27 PM GMT+03:00, Tobias Florek <dovecot@ibotty.net> wrote:
Hi Aki!
You can use $ENV:variable syntax with Dovecot v2.3.14+. The environment variable needs to be listed in
import_environment
setting and be available for dovecot process on startup.Thank you for your answer. I will test it tomorrow.
I thought it was not supported because I interpreted
Expansion only works when it’s surrounded by spaces.
as it not being able to use for e.g.
default_fields = pass=$ENV:MY_ENV_VARIABLE
If it does indeed work I will submit a pull request clarifying the documentation.
Cheers, Tob
You can also try setting your envvar as pass=whatever
.
Aki
participants (2)
-
Aki Tuomi
-
Tobias Florek