leaf node and authentication #5715
-
|
Maybe I missed something important, but I don't understand how this is supposed to work. I want to integrate a single leaf node into an existing nats server. In the documentation you can find examples like this: Plaintext passwords in the configuration file. That's fine for a getting-started scenario, but not exactly suited for real-world scenarios, if you ask me. What I have is an environment variable, which contains a password, either plaintext or bcrypt (since, nats seems to supports it?!). And that env variable comes from a Kubernetes secret. And I would love to just reference that in the configuration file. But for some reason that doesn't work in the remote uri string. This is not working and will lead to authorization error messages on the leaf node side and authentiation error messages on the server side (not exactly consistent btw: authorization vs authentication, meaning both side telling me a different story). So... how can I pass a password from an environment variable into the configuration for the leaf node to connect with the nats server? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
This is not supported at this time but we have a branch that we are working on to properly support it without breaking backward compatibility. You could place whole url string in the ENV today, that will work. |
Beta Was this translation helpful? Give feedback.
-
|
That workaround works. Not super awesome, but it works. Thanks. I find it strange though, that the NATS server complains when a password is plaintext, even when it comes from an env variable. And on the leaf node side, plaintext passwords seem like the only option for remotes. I'm looking forward to see those changes you mentioned ;-) |
Beta Was this translation helpful? Give feedback.
This is not supported at this time but we have a branch that we are working on to properly support it without breaking backward compatibility.
You could place whole url string in the ENV today, that will work.