starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #434] Conceal sensitive data in container logs #405

New issue
Closed
opened 2026-03-02 08:18:41 +03:00 by kerem · 1 comment
kerem commented 2026-03-02 08:18:41 +03:00
Owner
Copy link

Originally created by @Hursofid on GitHub (Jun 6, 2024).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/434

Hello,
I'd like to know if there is a way to hide user passwords and PSK from being logged to stdout.
I've specified all necessary variables in the env file:

VPN_IPSEC_PSK=redacted
VPN_USER=redacted
VPN_PASSWORD=redacted
RANGE="redacted"
SUBNET=redacted
VPN_L2TP_NET="redacted"
VPN_L2TP_LOCAL=redacted
VPN_L2TP_POOL="redacted"
VPN_ADDL_USERS=redacted
VPN_ADDL_PASSWORDS=redacted
VPN_ANDROID_MTU_FIX=yes
VPN_PUBLIC_IP=redacted

The problem is that passwords, usernames are being exported to and stored in the Graylog in plaintext. I ship there all my containers logs using filebeat. It is transferred with TLS, but still, it's better to not store it anywhere.

I'll happy to provide any additional information if necessary.

Thank you

Originally created by @Hursofid on GitHub (Jun 6, 2024). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/434 Hello, I'd like to know if there is a way to hide user passwords and PSK from being logged to stdout. I've specified all necessary variables in the env file: ``` VPN_IPSEC_PSK=redacted VPN_USER=redacted VPN_PASSWORD=redacted RANGE="redacted" SUBNET=redacted VPN_L2TP_NET="redacted" VPN_L2TP_LOCAL=redacted VPN_L2TP_POOL="redacted" VPN_ADDL_USERS=redacted VPN_ADDL_PASSWORDS=redacted VPN_ANDROID_MTU_FIX=yes VPN_PUBLIC_IP=redacted ``` The problem is that passwords, usernames are being exported to and stored in the Graylog in plaintext. I ship there all my containers logs using filebeat. It is transferred with TLS, but still, it's better to not store it anywhere. I'll happy to provide any additional information if necessary. Thank you
kerem closed this issue 2026-03-02 08:18:42 +03:00
kerem commented 2026-03-02 08:18:42 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Jun 7, 2024):

@Hursofid Hello! For your use case, while it is not currently supported in this project, you can build your own customized Docker image from source code, based on this project. Please refer to build from source code. For example, you can customize run.sh to remove the output of usernames and passwords.

<!-- gh-comment-id:2153751372 --> @hwdsl2 commented on GitHub (Jun 7, 2024): @Hursofid Hello! For your use case, while it is not currently supported in this project, you can build your own customized Docker image from source code, based on this project. Please refer to [build from source code](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#build-from-source-code). For example, you can customize `run.sh` to remove the output of usernames and passwords.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#405
No description provided.