[Feature Request] Allow variables in config file

[modem7]

Would it be possible to allow variables in the config files?

E.g.

- Media:
    - Sonarr:
        href: http://192.168.0.254:8989
        #description: Homepage is awesome
        server: myserver
        container: Sonarr
        widget:
          type: sonarr
          url: http://192.168.0.254:8989 # no slash at the end
          key: $SONARRKEY

Then in the compose file, we can do something like:

  homepage:
    image: ghcr.io/benphelps/homepage:latest
    container_name: Homepage
    environment:
      - SONARRKEY=xNYcIvYlbEiBXiIXJo3HDw32
    ports:
      - 8045:3000
    volumes:
      - $USERDIR/Homepage:/app/config
      - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations

(note: key used was randomly generated for this request)

[benphelps]

I believe something like this could work, and would tie into the other feature request for configuration via labels. I'll add this to the list of future enhancements.

[SolomonHD]

Yes this would greatly facilitate saving the config file in git.

[jameswynn]

@JazzFisch @shamoon I'm considering a simple substitution of environment variables into the configs as they are loaded, but for security reasons, limiting it to environment variables that start with "HOMEPAGE_". For example:

- Media:
  - Jellyfin:
      icon: jellyfin.png
      href: https://jellyfin.mydomain.tld
      description: Static Video Entertainment
      app: jellyfin
      namespace: media
      widget:
        type: jellyfin
        url: https://jellyfin.int.wynning.tech
        key: {{HOMEPAGE_JELLYFIN_APIKEY}}

Then the HOMEPAGE_JELLYFIN_APIKEY env var could be set either directly as an environment variable, or populated from a Kubernetes secret. I don't love the simple string replacement approach, but the only practical alternatives I saw were to use a full templating library and that feels like gross overkill for the need.

[mlametta]

Just to clarify, currently docker secrets cannot be used in the yaml config files?

I attempted using docker secrets and it appears that the container reads the secret correctly but I cannot get it working with the config files. Hiding passwords and api keys from plain-text would be a much appreciated addition to this project. Thank you!

[jameswynn]

With this approach, no. Perhaps I could expand the solution with an additional prefix for file-based secrets. We could support the "HOMEPAGE_" prefix for direct values and "HOMEPAGEFILE_" prefix for secrets stored in files. So at runtime it would read the file contents from the specified file and substitute it in just as it would for normal variables.

[jameswynn]

An alternative could be to extend the variables themselves. For instance, the widgets' "key" field could also have "key-var" and "key-file" which would map to an environment variable and a file respectively. We would need to do the same for credentials in other locations as well. This would be a less flexible approach, but would address the primary concern of storing credentials more securely.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new discussion or issue for related concerns.