add env: prefix to username and password to load them from environm…

…ent variables

README.md

@@ -27,9 +27,7 @@ For docker-compose, simply download the docker-compose.yml and the example confi
 
 ## Config
 
-Configuration is loaded from `config.toml` if the file exists. You can also set settings using environment variables:
-
-`[email protected]`
+Configuration is loaded from `config.toml` if the file exists.
 
 A minimal config looks like this, for a full example/reference, check out `config-example.toml`.
 
@@ -47,6 +45,8 @@ url = ""  # Base Connection URL
 validate_certs = false  # Validate HTTPS certificates
 username = "admin"
 password = "admin"
+# Alternatively, you can load username and password from environment variables, like so:
+# username = "env:MY_ENV_VAR"
 
 [appliances.my-appliance.extension]
 cert_name_a = "test-le-cert-a"

internal/appliances/base.go

@@ -4,6 +4,8 @@ import (
 	"crypto/tls"
 	"fmt"
 	"net/http"
+	"os"
+	"strings"
 
 	"beryju.org/acme-for-appliances/internal/keys"
 	"github.com/go-acme/lego/v4/certificate"
@@ -53,6 +55,24 @@ func (a *Appliance) GetDomains() []string {
 	return a.Domains
 }
 
+func (a *Appliance) GetUsername() string {
+	if strings.HasPrefix(a.Username, "env:") {
+		envName := strings.Split(a.Username, "env:")
+		a.Logger.WithField("env", envName[1]).Debug("Got username from env")
+		return os.Getenv(envName[1])
+	}
+	return a.Username
+}
+
+func (a *Appliance) GetPassword() string {
+	if strings.HasPrefix(a.Password, "env:") {
+		envName := strings.Split(a.Password, "env:")
+		a.Logger.WithField("env", envName[1]).Debug("Got password from env")
+		return os.Getenv(envName[1])
+	}
+	return a.Password
+}
+
 func (a *Appliance) GetKeyGenerator(storageBase string) keys.KeyGenerator {
 	return keys.NewECDSAKeyGenerator(storageBase)
 }

internal/appliances/citrixadc/citrix_adc.go

@@ -21,8 +21,8 @@ func (adc *CitrixADC) Init() error {
 	// Validate Connection Details
 	client, err := netscaler.NewNitroClientFromParams(netscaler.NitroParams{
 		Url:       adc.URL,
-		Username:  adc.Username,
-		Password:  adc.Password,
+		Username:  adc.GetUsername(),
+		Password:  adc.GetPassword(),
 		SslVerify: adc.ValidateCerts,
 	})
 	if err != nil {

internal/appliances/netapp/utils.go

@@ -93,7 +93,7 @@ func (na *NetappAppliance) req(method string, path string, body interface{}) (*h
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to create get request")
 	}
-	req.SetBasicAuth(na.Username, na.Password)
+	req.SetBasicAuth(na.GetUsername(), na.GetPassword())
 	req.Header.Add("Accept", "application/json")
 	if body != nil {
 		req.Header.Add("Content-Type", "application/json")

internal/appliances/vmwarevsphere/vmware_vcenter.go

@@ -36,7 +36,7 @@ func (v *VMwareVsphere) Init() error {
 	if err != nil {
 		return err
 	}
-	req.SetBasicAuth(v.Username, v.Password)
+	req.SetBasicAuth(v.GetUsername(), v.GetPassword())
 	resp, err := v.client.Do(req)
 	if err != nil {
 		return err

internal/config/config.go

@@ -35,9 +35,6 @@ func Load(cfgFile string) {
 	viper.SetDefault("acme.refresh_threshold", 15)
 	viper.SetDefault("acme.resolvers", []string{})
 
-	viper.SetEnvPrefix("a4a")
-	viper.AutomaticEnv() // read in environment variables that match
-
 	// If a config file is found, read it in.
 	err := viper.ReadInConfig()
 	if err == nil {