Store LDAP bind credentials in environment variables for pg_hba.conf



  • I am working on setting up LDAP authentication for a PostgreSQL database and have added the following in my pg_hba.conf file:

    # TYPE  DATABASE    USER    ADDRESS     METHOD
    host    all         all     all         ldap ldapurl="ldap://example.local/dc=example,dc=local?sAMAccountName" ldapbinddn="username" ldapbindpasswd="password"
    

    It works! But now I'd like to store the username and password as environment variables, like I do for most of my config settings. I've tried adding the username and password as $LDAPUSERNAME or "$LDAPUSERNAME" but they aren't inserting any values. Is this possible?

    Note: The database will be running in a docker container. If I have to run some script to process the pg_hba.conf file before starting the database, I can.



  • You cannot specify these settings via environment variables in PostgreSQL. Remember that ldapbindpasswd is specific to a certain pg_hba.conf line, and different lines could have different settings.




Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2