Merge pull request #2143 from 24367dfa/feat/env-var-config

jhaals · web-flow · commit 5eeb0708ad77 · 2025-03-12T14:02:54.000+01:00
Feature: env var config
diff --git a/README.md b/README.md
@@ -82,7 +82,7 @@ The following options are currently available to install the CLI locally.
 
 Here are the server configuration options.
 
-Command line flags:
+### Command line flags
 
 ```console
 $ yopass-server -h
@@ -99,6 +99,22 @@ $ yopass-server -h
 
 Encrypted secrets can be stored either in Memcached or Redis by changing the `--database` flag.
 
+### Environment variables
+
+```console
+YOPASS_ADDRESS # listen address (default 0.0.0.0)
+YOPASS_DATABASE # database backend ('memcached' or 'redis') (default "memcached")
+YOPASS_MAX_LENGTH # max length of encrypted secret (default 10000)
+YOPASS_MEMCACHED # Memcached address (default "localhost:11211")
+YOPASS_METRICS_PORT # metrics server listen port (default -1)
+YOPASS_PORT # listen port (default 1337)
+YOPASS_REDIS # Redis URL (default "redis://localhost:6379/0")
+YOPASS_TLS_CERT # path to TLS certificate
+YOPASS_TLS_KEY # path to TLS key
+```
+
+see [docker compose example](deploy/docker-compose/env-config/docker-compose.yml)
+
 ### Docker Compose
 
 Use the Docker Compose file `deploy/with-nginx-and-letsencrypt/docker-compose.yml` to set up a yopass instance with TLS transport encryption and certificate auto renewal using [Let's Encrypt](https://letsencrypt.org/). First point your domain to the host you want to run yopass on. Then replace the placeholder values for `VIRTUAL_HOST`, `LETSENCRYPT_HOST` and `LETSENCRYPT_EMAIL` in `deploy/with-nginx-and-letsencrypt/docker-compose.yml` with your values. Afterwards change the directory to `deploy/with-nginx-and-letsencrypt` and start the containers with:
diff --git a/cmd/yopass-server/main.go b/cmd/yopass-server/main.go
@@ -39,6 +39,7 @@ func init() {
 	pflag.Bool("force-onetime-secrets", false, "reject non onetime secrets from being created")
 	pflag.CommandLine.AddGoFlag(&flag.Flag{Name: "log-level", Usage: "Log level", Value: &logLevel})
 
+	viper.SetEnvPrefix("yopass")
 	viper.AutomaticEnv()
 	viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
 	_ = viper.BindPFlags(pflag.CommandLine)
diff --git a/deploy/docker-compose/env-config/docker-compose.yml b/deploy/docker-compose/env-config/docker-compose.yml
@@ -0,0 +1,34 @@
+version: "3.0"
+
+services:
+  memcached:
+    image: memcached
+    restart: always
+    expose:
+      - "11211"
+
+  yopass:
+    image: jhaals/yopass
+    restart: always
+    ports:
+      - "127.0.0.1:80:80"
+      - "127.0.0.1:9090:9090"
+    environment:
+      # listen address (default 0.0.0.0)
+      # - YOPASS_ADDRESS
+      # listen port (default 1337)
+      - YOPASS_PORT=80
+      # metrics server listen port (default -1)
+      - YOPASS_METRICS_PORT=9090
+      # max length of encrypted secret (default 10000)
+      - YOPASS_MAX_LENGTH=100000
+      # database backend ('memcached' or 'redis') (default "memcached")
+      - YOPASS_DATABASE=memcached
+      # Memcached address (default "localhost:11211")
+      - YOPASS_MEMCACHED=localhost:11211
+      # Redis URL (default "redis://localhost:6379/0")
+      # - YOPASS_REDIS=redis://localhost:6379/0
+      # path to TLS certificate
+      # - YOPASS_TLS_CERT
+      # path to TLS key
+      # - YOPASS_TLS_KEY
