April 08, 2021 02:58PM
Hello!

I currently use Nginx as a reverse proxy for my backend services.

Nginx authenticates itself to the backend services using a Token that is generated by a process every 10 minutes and that process is writing the token in the config file and reloading nginx regularly:

location / {
proxy_set_header Authorization "PLAIN TEXT TOKEN WRITTEN BY PROCESS";
proxy_pass https://backend;
}

I would like to avoid having a token in plain text. Is there a way to avoid that?
I though of the following options:
- Use env var: But that is impossible nginx doesn't support it
- Query the token by having the process establish a local server. Could work but how can the process return the result as a variable to nginx?
- Pass the config in memory instead of writing it to a file. Could be a simple option but I didn't find a way to do that.

Do you have any idea how I can achieve that?

Thank you!
Hugues
Subject Author Posted

Plain text token in config!

bouvierh April 08, 2021 02:58PM

Re: Plain text token in config!

Sergey A. Osokin April 08, 2021 03:44PM

Re: Plain text token in config!

bouvierh April 08, 2021 08:21PM

Re: Plain text token in config!

bouvierh April 08, 2021 08:21PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 67
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready