Securing passwords in applications.yml

#1

Hello!

I’ve managed to get a shinyproxy server running, and even connected it to LDAP with groups! However, i’m just a sysadmin, and am building this out for another team. I really do not want them to have access to a username and password that can be used to auth against AD, which is in clear text in the applications.yml file. Is there any way to put a hash of a password in the manager-password field? Or even import that password from another file, or even set it as a variable for the jar file to pick up?

Thanks!

#2

To answer my own question, it was a lot more simple than I had originally thought.

In the systemd service file on linux, under [Services] add:

Environment=MySuperSecretPassword=123456

Inside of application.yml, to call this do:

manager-password: ${MySuperSecretPassword}

Reload your daemon and it should work!

1 Like