Add info about necessity to setup "username" and "password" within config file #88

Open
knuurr opened this issue Jul 23, 2023 · 2 comments
Labels
enhancement New feature or request

Comments


knuurr commented Jul 23, 2023

I was having trouble with launching betanin the first time (both first install on the machine and first usage in my life) because I've seen in Portainer that the container is constantly restarting itself.

I initially thought it's about user permissions - and indeed there was such a problem, but after fixing it the container still restarted itself

2023-07-23 17:25:44.999 | ERROR    | betanin.entry.betanin:_ensure_config:69 - please provide a frontend username and password

I had to provide username and password manually, using vim into my config.toml file:

[frontend]
username = "user"
password = "pass"

I believe that, to have a truly automated and seamless experience, either:

  • provide default user + pass for application after install - there are users like me who have it behind reverse proxy with SSO, so I don't care that much about what credentials I use here
  • allow to configure them via env variables passed, i.e. using environment section in docker-compose - either credentials or even option to disable it completely
  • provide info on the GitHub page about the necessity to provide these manually in the config after first run, after the config generates, otherwise the web page won't display

Thanks for cool piece of software, will test it soon, I hope you will find my proposal useful for the project.

sentriz added the enhancement label Jul 25, 2023

DuvelCorp commented Dec 10, 2023

Hi,

Starting with your tool and I noticed that error too.
Same remark as @knuurr : it makes no sense to have to hardcode a user/pass there, if the service isn't exposed to the internet and only accessible from a LAN/DMZ.
Also it is bad security as (unless I missed something) the app exposes only a http port and no https, meaning that the credentials could be easily sniffed on the network it runs.

Cheers

Owner

sentriz commented Dec 10, 2023

the password needs to be kept somewhere. I don't think hardcoding is the issue

we could store a hash instead of plaintext but that's a separate issue

as for TLS, it's better practice to terminate at a reverse proxy instead. you don't want all your individual services managing their own certs. that can get very messy
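
Added example, not part of the thread and not betanin's code: a Python sketch of the "store a hash instead of plaintext" idea from the last comment, using scrypt from the standard library. The `password_hash` key, the `scrypt$n$r$p$salt$digest` string format and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os

# Assumed cost parameters for this example (about 16 MiB of memory per hash).
N, R, P, DKLEN = 2**14, 8, 1, 32


def hash_password(password, salt=None):
    """Return 'scrypt$n$r$p$salt$digest', suitable as a single TOML string value."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=DKLEN)
    enc = lambda b: base64.b64encode(b).decode()
    return f"scrypt${N}${R}${P}${enc(salt)}${enc(digest)}"


def verify_password(stored, candidate):
    """Recompute the hash with the stored salt and parameters, compare in constant time."""
    try:
        scheme, n, r, p, salt_b64, digest_b64 = stored.split("$")
        if scheme != "scrypt":
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
        actual = hashlib.scrypt(candidate.encode(), salt=salt, n=int(n),
                                r=int(r), p=int(p), dklen=len(expected))
    except (ValueError, TypeError):
        # Malformed entry (including a leftover plaintext value): reject the login.
        return False
    return hmac.compare_digest(actual, expected)


def check_login(frontend, username, password):
    """frontend is the parsed [frontend] table; 'password_hash' is a hypothetical key."""
    user_ok = hmac.compare_digest(username.encode(),
                                  frontend.get("username", "").encode())
    pass_ok = verify_password(frontend.get("password_hash", ""), password)
    return user_ok and pass_ok


if __name__ == "__main__":
    # Constructed sample credentials, matching the placeholder values in the thread.
    print("[frontend]")
    print('username = "user"')
    print(f'password_hash = "{hash_password("pass")}"')
```

Hashing protects the password if the config file leaks; it does not protect the login request on the wire, which is what terminating TLS at the reverse proxy covers.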
