Configuration - KusabiSensei/googleplex-assistant GitHub Wiki

Configuration

We configure the application through environment variables, mainly because this is being Dockerized up front. Also, I don't want to have to deal with injecting an ini file or envfile at build time. Maybe we change that later on, but for now, it's envvars.

List of Environment Variables that can be used to configure the application

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY

These are used by acme.sh to generate TXT records in AWS Route 53 for Let's Encrypt DNS01 challenges. Once the key and certificate and chain are downloaded from Let's Encrypt, the TXT records are removed.

TODO: Find a way to allow a custom certificate to be injected, either through a custom image build or overlay instructions to load a volume into the container. Then these variables would not be required (and that would be good from a security perspective).

  • HOSTNAME

This is the Fully Qualified Domain Name of the container. It does not need to be the same as the host, or the router it is behind.

  • GOOGLEPLEX_TOKEN

This is the value of the x-googleplex-authentication HTTP header that requests are checked for during validation. If you do not supply one here, a random 16-character string will be generated, and the program will treat that as the valid value instead.

  • GOOGLEPLEX_CREDENTIALS

This is the value of the Authorization header treated as valid. This can be used to support HTTP Basic authentication, HTTP Digest authentication or any other scheme using the Authorization header (well, hopefully, I haven't tried them yet.)

Note that for the GOOGLEPLEX_TOKEN and GOOGLEPLEX_CREDENTIALS variables, a request is treated as valid as long as one of these tests True.
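
The either-or validation rule described above, as an added example in Python (not the project's own code; this page does not show the implementation). The function names, the alphanumeric alphabet for the generated token, and the sample values are assumptions; the point it shows is that an unset GOOGLEPLEX_CREDENTIALS must disable that check rather than match a missing or empty Authorization header.

```python
import hmac
import os
import secrets
import string

TOKEN_HEADER = "x-googleplex-authentication"  # header name from this page


def load_auth_config(env):
    """Read both variables from a mapping such as os.environ."""
    token = env.get("GOOGLEPLEX_TOKEN")
    if not token:
        # No token supplied: generate a random 16-character one.
        # The alphanumeric alphabet is an assumption, not from the page.
        alphabet = string.ascii_letters + string.digits
        token = "".join(secrets.choice(alphabet) for _ in range(16))
    # Unset or empty credentials become None so they can never match.
    credentials = env.get("GOOGLEPLEX_CREDENTIALS") or None
    return {"token": token, "credentials": credentials}


def _matches(expected, supplied):
    """Constant-time comparison; a missing value on either side fails."""
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected.encode(), supplied.encode())


def is_request_valid(headers, config):
    """Valid if the token header OR the Authorization header matches."""
    lowered = {name.lower(): value for name, value in headers.items()}
    token_ok = _matches(config["token"], lowered.get(TOKEN_HEADER))
    creds_ok = _matches(config["credentials"], lowered.get("authorization"))
    return token_ok or creds_ok


if __name__ == "__main__":
    config = load_auth_config(os.environ)
    # Constructed sample request carrying neither header.
    print(is_request_valid({"Accept": "application/json"}, config))
```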