Securing passwords in applications.yml

sitrii · June 11, 2019, 3:47pm

Hello!

I’ve managed to get a shinyproxy server running, and even connected it to LDAP with groups! However, i’m just a sysadmin, and am building this out for another team. I really do not want them to have access to a username and password that can be used to auth against AD, which is in clear text in the applications.yml file. Is there any way to put a hash of a password in the manager-password field? Or even import that password from another file, or even set it as a variable for the jar file to pick up?

Thanks!

sitrii · June 11, 2019, 7:30pm

To answer my own question, it was a lot more simple than I had originally thought.

In the systemd service file on linux, under [Services] add:

Environment=MySuperSecretPassword=123456

Inside of application.yml, to call this do:

manager-password: ${MySuperSecretPassword}

Reload your daemon and it should work!

paulosilenthill · May 29, 2020, 10:57pm

Hello, @sitrii. I tried to do that, but It did not work. I think I did something wrong. Where is the systemd service file? /lib/systemd/system/systemd-sysctl.service?

Thank you.