Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow setting certificates/key pairs via environment variables #2

Open
stevenbal opened this issue May 31, 2022 · 2 comments
Open

Allow setting certificates/key pairs via environment variables #2

stevenbal opened this issue May 31, 2022 · 2 comments
Labels
question Further information is requested

Comments

@stevenbal
Copy link

Suggestion from gemeente Amsterdam:

Could it be possible to store certificates/private keys for mutual TLS using environment variables (as an extra option, instead of uploading them via the admin interface) and referring to those environment variables in the Certificate model? This removes the need to have (persistent) volumes to keep uploaded certificates in storage after redeploys.

@sergei-maertens thoughts?

@stevenbal stevenbal added the question Further information is requested label May 31, 2022
@sergei-maertens
Copy link
Member

I'd suggest creating a fixture instead with the paths to the certificates, and then mounting the certificates as ConfigMap/Secret in a subfolder of the private-media storage. That way you still have the database records, they point to actual mounted files and no code changes are needed.

At the deployment level, you can set up an init container to ensure the fixture is loaded (and migrations are run).

@joeribekker
Copy link
Member

I'm open to integration with keystores and the likes.

This library was created for self-service changing certificates, instead of having environment variables :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

3 participants