[FEATURE]: Support file-based secrets in MCP server env configuration

[malikwirin]

Feature hasn't been suggested before.

• I have verified this feature I'm about to request hasn't been suggested before.

Describe the enhancement you want to request

Problem

OpenCode's MCP server configuration accepts env values as literal strings.
This makes it incompatible with secret managers that expose secrets as files on disk rather than as host environment variables — such as sops-nix, systemd credentials, Docker secrets, or pass.

With file-based secret managers, secrets are decrypted at runtime and written to paths like /run/secrets/my_token. They are never present as environment variables in the OpenCode process itself, so there is currently no way to inject them into MCP server environments.

Proposed Solution

Introduce an env_files key in the MCP server config that maps environment variable names to file paths. OpenCode would read the file contents and set the variable before spawning the MCP server process — no shell involved:

"codeberg": {
  "type": "local",
  "command": "/path/to/forgejo-mcp",
  "args": ["transport", "stdio", "--url", "https://codeberg.org"],
  "env_files": {
    "FORGEJO_ACCESS_TOKEN": "/run/secrets/codeberg_token"
  }
}

Why not use host environment variables?

File-based secret managers like sops-nix or systemd credentials do not populate the host environment. The secrets only exist as files at runtime and are not accessible via process.env in the OpenCode process.

Related

A similar request exists for charmbracelet/crush:
charmbracelet/crush#2334

Alternatives Considered

• Wrapper shell scripts per MCP server — functional but requires boilerplate outside the config and complicates NixOS/Home Manager module integration
• Storing secrets as host env vars — not applicable for file-based managers

[github-actions]

This issue might be a duplicate of existing issues. Please check:

• [FEATURE]: {cmd:} config placeholder for credential helpers #12710: Requests a {cmd:} config placeholder for credential helpers — covers a similar use case of injecting secrets from external sources (credential managers like pass, 1Password, macOS Keychain) into MCP server config, overlapping in motivation though using a different mechanism
• add ability to load secrets from external command or environment variables in the config file #231: "add ability to load secrets from external command or environment variables in the config file" — same underlying problem of keeping secrets out of config files (now closed)
• [FEATURE]: mcp server environment must accept env var. #6055: "mcp server environment must accept env var" — related request for env var substitution in MCP server environment config (now closed)

If your use case is specifically about file-based secrets (e.g. sops-nix, systemd credentials) and the existing issues don't cover it adequately, feel free to clarify how this differs from the above.

[malikwirin]

mittels deiner Zetierung kann ich den Text nicht copy Pasten
gib mir nur den closing text

Closing this — opencode already supports this use case natively via variable substitution in the config. File-based secrets can be injected using the {file:/path/to/secret} syntax in any config value, including MCP environment entries:

"environment": {
  "FORGEJO_ACCESS_TOKEN": "{file:/run/secrets/codeberg_token}"
}

No shell expansion or wrapper scripts needed. This has been documented and available at least since v0.3.80.