From c26207fff6b57e15e6a70df796f9562861202a87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Valdimar=20Bj=C3=B6rn=20=C3=81sgeirsson?= Date: Mon, 13 Sep 2021 16:57:12 +0000 Subject: [PATCH 1/2] Read mqtt user and password from environment Environment variables override config variables, if they exist --- cmd/mqtt2prometheus.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/cmd/mqtt2prometheus.go b/cmd/mqtt2prometheus.go index 17da069..bfcad1f 100644 --- a/cmd/mqtt2prometheus.go +++ b/cmd/mqtt2prometheus.go @@ -79,6 +79,17 @@ func main() { if err != nil { logger.Fatal("Could not load config", zap.Error(err)) } + + mqtt_user := os.Getenv("MQTT2PROM_MQTT_USER") + mqtt_password := os.Getenv("MQTT2PROM_MQTT_PASSWORD") + + if mqtt_user != "" { + cfg.MQTT.User = mqtt_user + } + if mqtt_password != "" { + cfg.MQTT.Password = mqtt_password + } + mqttClientOptions := mqtt.NewClientOptions() mqttClientOptions.AddBroker(cfg.MQTT.Server).SetCleanSession(true) mqttClientOptions.SetAutoReconnect(true) From 83413b19e29c443eb73031a2955ee40c16dd335d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Valdimar=20Bj=C3=B6rn=20=C3=81sgeirsson?= Date: Mon, 20 Sep 2021 13:12:15 +0000 Subject: [PATCH 2/2] Update readme for env vars Describe how to supply MQTT username and password via environment variables. --- Readme.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/Readme.md b/Readme.md index 1400700..f43d2de 100644 --- a/Readme.md +++ b/Readme.md @@ -179,6 +179,30 @@ metrics: error_value: 1 ``` +### Environment Variables + +Having the MQTT login details in the config file runs the risk of publishing them to a version control system. To avoid this, you can supply these parameters via environment variables. MQTT2Prometheus will look for `MQTT2PROM_MQTT_USER` and `MQTT2PROM_MQTT_PASSWORD` in the local environment and load them on startup. + +#### Example use with Docker + +Create a file to store your login details, for example at `~/secrets/mqtt2prom`: +```SHELL +#!/bin/bash +export MQTT2PROM_MQTT_USER="myUser" +export MQTT2PROM_MQTT_PASSWORD="superpassword" +``` + +Then load that file into the environment before starting the container: +```SHELL + source ~/secrets/mqtt2prom && \ + docker run -it \ + -e MQTT2PROM_MQTT_USER \ + -e MQTT2PROM_MQTT_PASSWORD \ + -v "$(pwd)/examples/config.yaml:/config.yaml" \ + -p 9641:9641 \ + ghcr.io/hikhvar/mqtt2prometheus:latest +``` + ## Best Practices The exporter can only listen to one topic_path per instance. If you have to listen to two different topic_paths it is