github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #3257] [Feature Request] env var secrets (certs) #2608

New issue
Closed
opened 2026-05-05 13:40:57 -06:00 by gitea-mirror · 2 comments
gitea-mirror commented 2026-05-05 13:40:57 -06:00
Owner
Copy link

Originally created by @jamesla on GitHub (Jan 17, 2023).
Original GitHub issue: https://github.com/fatedier/frp/issues/3257

Describe the feature request

I am wanting to provide a certificate to FRP via an environment variable rather than a path to a file that exists on disk. This has multiple benefits such as:

a) the cert sits in memory rather than on the disk which is protected against various file system attacks.
b) makes containerisation much easier since you don't have to deal with container state (volumes)

Instead of:

export CERT=/tmp/mycert.crt
export DASHBOARD_USER=user
export DASHBOARD_PASS=pass
export PORT=2000

./frps

I would like to do something like this:

export CERT=-----BEGIN CERTIFICATE-----
MIIDazCCAlOgAwIBAgIUetgifRZPmdu1KTF/4XQVgpvjyiIwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzAxMTcyMTU4NTFaFw0yNDAx
MTcyMTU4NTFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCychzox8DHBXznMCwcvhe0cOPKNfAZW3cD3vnN8EZn
lEEIwXminnWZ2ZyCUhORszzrq6t7p/I8WnGEXtBtvvfgFlXvaK4T6lIhBbapsLc1
UOkYz/cz+hrekXKtOFin4kTlkLhIL15MzH6hadXkuHL7TPy6HDQKetKYDcBdN8jn
ZxynQgae4Jt2AuyvE3O0TqySDoEhN9jzJmLjWZ5M3AJOMQqXoLoYFHEJZonWo+Y4
Jcas4EktUlZC2Y7XOAr/s3AQL5iZQGUqensICf00LFIP7LyMZ+PghGfukvP+NQRB
FEruYn55Ih0MyynaYSbvVr/04Wtmzpo3cG1FhGVrM1vvAgMBAAGjUzBRMB0GA1Ud
DgQWBBRA7o4by1mpPEM9rSi8qTbc04LT7DAfBgNVHSMEGDAWgBRA7o4by1mpPEM9
rSi8qTbc04LT7DAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCD
Raj5lv8y4fmbupH71CCWm0DfqYyiYuEqJahhUYCeuzmP6Ug6zLzIQMBqBRgnYwub
K4SSsj/CqUfpapZFrUlyhQCzVwPMDNM55ybJWqz4SaT06Y6aHNZOnoARgieidDgt
LF3dQgBQHgqtyED5jKP26QKPov1kRE6Rmse1dW0X5Xhal1pnVg6y7ILps9qGRiYP
j+i8irPiY6eDG4/4ikyQh2igg6Vbkwgao4ILW57qoZbUAN43CKct+lg51IE0CXpo
7hs6yIyzM+FdkhQixw99184m1cBN0t0s2O9m/uFhEllfohiVOeUn5KMX9saEZ/pQ
O3Kwde9V1JLqpueJvPib
-----END CERTIFICATE-----
export DASHBOARD_USER=user
export DASHBOARD_PASS=pass
export PORT=2000

./frps

Is this possible with FRPs current configuration options?

Describe alternatives you've considered

No response

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @jamesla on GitHub (Jan 17, 2023). Original GitHub issue: https://github.com/fatedier/frp/issues/3257 ### Describe the feature request I am wanting to provide a certificate to FRP via an environment variable rather than a path to a file that exists on disk. This has multiple benefits such as: a) the cert sits in memory rather than on the disk which is protected against various file system attacks. b) makes containerisation much easier since you don't have to deal with container state (volumes) Instead of: ```bash export CERT=/tmp/mycert.crt export DASHBOARD_USER=user export DASHBOARD_PASS=pass export PORT=2000 ./frps ``` I would like to do something like this: ```bash export CERT=-----BEGIN CERTIFICATE----- MIIDazCCAlOgAwIBAgIUetgifRZPmdu1KTF/4XQVgpvjyiIwDQYJKoZIhvcNAQEL BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzAxMTcyMTU4NTFaFw0yNDAx MTcyMTU4NTFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCychzox8DHBXznMCwcvhe0cOPKNfAZW3cD3vnN8EZn lEEIwXminnWZ2ZyCUhORszzrq6t7p/I8WnGEXtBtvvfgFlXvaK4T6lIhBbapsLc1 UOkYz/cz+hrekXKtOFin4kTlkLhIL15MzH6hadXkuHL7TPy6HDQKetKYDcBdN8jn ZxynQgae4Jt2AuyvE3O0TqySDoEhN9jzJmLjWZ5M3AJOMQqXoLoYFHEJZonWo+Y4 Jcas4EktUlZC2Y7XOAr/s3AQL5iZQGUqensICf00LFIP7LyMZ+PghGfukvP+NQRB FEruYn55Ih0MyynaYSbvVr/04Wtmzpo3cG1FhGVrM1vvAgMBAAGjUzBRMB0GA1Ud DgQWBBRA7o4by1mpPEM9rSi8qTbc04LT7DAfBgNVHSMEGDAWgBRA7o4by1mpPEM9 rSi8qTbc04LT7DAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCD Raj5lv8y4fmbupH71CCWm0DfqYyiYuEqJahhUYCeuzmP6Ug6zLzIQMBqBRgnYwub K4SSsj/CqUfpapZFrUlyhQCzVwPMDNM55ybJWqz4SaT06Y6aHNZOnoARgieidDgt LF3dQgBQHgqtyED5jKP26QKPov1kRE6Rmse1dW0X5Xhal1pnVg6y7ILps9qGRiYP j+i8irPiY6eDG4/4ikyQh2igg6Vbkwgao4ILW57qoZbUAN43CKct+lg51IE0CXpo 7hs6yIyzM+FdkhQixw99184m1cBN0t0s2O9m/uFhEllfohiVOeUn5KMX9saEZ/pQ O3Kwde9V1JLqpueJvPib -----END CERTIFICATE----- export DASHBOARD_USER=user export DASHBOARD_PASS=pass export PORT=2000 ./frps ``` Is this possible with FRPs current configuration options? ### Describe alternatives you've considered _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror 2026-05-05 13:40:57 -06:00
gitea-mirror commented 2026-05-05 13:41:00 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Jan 18, 2023):

Are there other projects that do like this?

<!-- gh-comment-id:1386392954 --> @fatedier commented on GitHub (Jan 18, 2023): Are there other projects that do like this?
gitea-mirror commented 2026-05-05 13:41:01 -06:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Feb 18, 2023):

Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

<!-- gh-comment-id:1435423489 --> @github-actions[bot] commented on GitHub (Feb 18, 2023): Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2608
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?