node-solid-server icon indicating copy to clipboard operation
node-solid-server copied to clipboard
verified publisher icon nodeSolidServer

Docker image defaults to loading ssl cert/key from environment variables

Open alastair opened this issue 5 years ago • 1 comments

For configuration of n-s-s, the readme file specifies

CLI flags take precedence over Environment variables, which take precedence over entries in the config file.

I see that the Dockerfile uses environment variables to specify the ssl cert and key: https://github.com/solid/node-solid-server/blob/ca5bffbf2299a334eb6c5b7d26b37458df8f6624/docker-image/src/Dockerfile#L23-L24

This caused me some confusion when I first tried to configure the cert and key using the config file. It continued to use the values from the env variables over my config file. I was able to override this with a flag.

I think it'd be a good idea to indicate in the docker section of the readme that these environment variables are set, and that if you want to override them you must use the flag rather than the config file.

I initially had a large draft ticket written for this problem, until I found the Dockerfile environment variable and looked at the documentation again and found the section about precedence. I thought I was going crazy because it was loading some values from the config file but not others. I wonder if it could be made clearer, either in debug output, or the documentation about this precedence (for example during debug the server could output something like 'using config setting x from [cli|env|config]'

Thanks!

alastair avatar Jul 23 '20 10:07 alastair

The described behavior is extremely counterintuitive, and, I would say, wrong, in addition to being in disagreement with the current docs. (scroll up two paragraphs from the header to which this links)

I would expect the following, which matches my experience with other tools --

CLI flags take precedence over entries in the config file, which take precedence over Environment variables.

This makes sense to me because CLI flags reflect the immediate intent for an immediate run of a specific tool; the config file reflects the persistent intent for repeated runs of a specific tool; and the Environment variables reflect the persistent (or default) intent of a machine admin for any and all tools (as Environment variables are most commonly meant for multiple tools, not just a single specific tool). Yes, Environment variables may be changed for an immediate run, but CLI flags seem more convenient to me.

Of course, if "The config.json should not be used at all", the doc should read more like --

CLI flags take precedence over Environment variables, which take precedence over entries in the config file. The config.json should not be used at all.

(Quite likely, this should be combined with #1450.)

TallTed avatar Nov 09 '20 18:11 TallTed