Add support for password files · Kovah/LinkAce#199

(2 comments) (0 reactions) (0 assignees)PHP (1,761 stars) (111 forks)batch import

EnhancementHelp wanted

Description

Is your feature request related to a problem? Please describe. Specifying passwords in environment variables is not always the best available approach. Docker swarm, for example, has support for the concepts of secrets. These are in-memory files mounted in containers under /var/run. To support the use of these secrets, an app must support reading passwords from files.

Describe the solution you'd like Add support for DB_PASSWORD_FILE and DB_REDIS_PASSWORD_FILE environment variables that, if set, will read the passwords from the specified path instead of the regular environment variables.

Describe alternatives you've considered Using the .env file, but it doesn't solve the issue as Docker's secret management can't be used with it.

Additional context None.

Contributor guide

Tech stack: None
Domain: backendsecurity
Issue type: feature
Difficulty: 3
Estimated time: 1-3 hours
Activity status: stale
Clarity: clear
Prerequisites: knowledge of PHP environment variable handlingfamiliarity with Docker secrets
Newbie friendliness: 40
Research direction: Investigate how environment variables like DB PASSWORD are currently read in the codebase, likely in config/database.php or similar. Then implement logic to check for DB PASSWORD FILE and read the file contents if set. Ensure to handle file not found errors gracefully. Review the two existing comments in the issue for any additional clarification.