refactor: improve gateway env vars security and limits

- Add max limits (50 vars, 255 char names, 10000 char values)
- Validate variable names with regex
- Warn about duplicate variables
- Show var names in logs (not just count)
- Improve bash parsing with process substitution
- Better config documentation with examples
This commit is contained in:
macm1
2026-02-23 05:36:07 +03:00
parent 5086b88a00
commit 9b402d3130
3 changed files with 73 additions and 13 deletions
+7 -2
View File
@@ -89,8 +89,13 @@ options:
force_ipv4_dns: false
# Environment variables to pass to the gateway (semicolon-separated key=value pairs)
# Example: "SERVICE_API=123;SERVICE2_API=1231"
# These will be exported as environment variables when running the gateway
# Format: "KEY1=value1;KEY2=value2" (semicolon-separated, no spaces around '=')
# Examples:
# - API keys: "OPENAI_API_KEY=sk-abc123;ANTHROPIC_API_KEY=claude-key"
# - Service URLs: "SERVICE_URL=https://api.example.com;LOG_LEVEL=debug"
# - Features: "FEATURE_FLAG_X=1;FEATURE_FLAG_Y=0"
# Limits: max 50 variables, max key length 255 chars, max value length 10000 chars
# Note: Values may contain special characters; they are not shell-escaped
gateway_env_vars: ""