Description
Related dev. issue(s): tarantool/tarantool#9506
Parent doc issue: #3666
Product: Tarantool
Since: 3.0
Root document:
- https://www.tarantool.io/en/doc/latest/concepts/configuration/#configuration-in-a-file
- a new
Access controltopic ([Config] Document the 'credentials' option #3666)
SME: @ Totktonada
Details
Example:
config:
context:
replicator_password:
from: file
file: secrets/replicator_password.txt
rstrip: true
client_password:
from: file
file: secrets/client_password.txt
rstrip: true
credentials:
users:
replicator:
password: '{{ context.replicator_password }}'
roles: [replication]
client:
password: '{{ context.client_password }}'
roles: [super]The new config.context section allows a user to define its own
variables, whose content resides in an environment variable or a file.
The primary usage is to extract passwords from the configuration.
All the variables are defined in config.context section as keys. Each
key is a record with the following fields.
from: eitherenvorfilefile: a file pathenv: an environment variable namerstrip: whether to strip whitespace characters from the end of the
data (it strips newlines too)
A relative file path is interpreted as relative to process.work_dir.
from is mandatory, file is mandatory when from is file, env is
mandatory when from is env, rstrip is optional.
If there is no given file or no given environment variable, an error of
a configuration applying is reported.
Requested by @ Totktonada in tarantool/tarantool@830578c.