Crontab: Provide capability to define/source environment variables in crontabs

Problem/Justification
Currently, it’s not possible to specify a crontab-wide environment variable in the UI. Given that a lot of interactions with other systems require passing some sort of key material, token, credential, etc. it would be advantageous to offer the ability to define these in the user’s crontab.
The manual page crontab(5) provides examples of this and further notes the optional environment variables crontab recognizes to modify its own behaviour.

In essence, the crontab looks like this in this case:

MY_ENV_VAR="some-value-goes-here"
37 */1 * * * /path/or/command -to=run

Alternatively, it may be preferable to allow the user to have a file in a persisted directory to contain these sorts of environment variables with a small text field editor in the UI to maintain it. In this case, it would be advantageous to offer the user the ability to automatically source this file in their job definition.

Invoking a job in this manner looks like

37 */1 * * * source /some/persistent/file.sh ; /path/or/command -to=run

Impact
The impact of this story is to provide additional flexibility to the user while removing another need to access the CLI. There is some potential negative impact to security as it could lead to key material living in a user’s crontab which is not completely secure.

User Story
As a TrueNAS admin I would like the ability to centralize the definition and management of environment variables needed to execute cron jobs successfully so that these variables can be easily managed in the TrueNAS UI.

I understand the request, just not the practicality of this. Do you have many cron jobs that require a set of global environment variables? (I am not pushing back, just wondering about the use case)

Back in the olden days, we either had a shell script for each job with the appropriate ENV set in the script, or if we needed global, have a script called globalrunner.sh, set all the env variables and then execute whatever is passed as parameter $1, etc.

1 Like

Hi,

I ran into this earlier today trying to work around the lack of a DNS provider for LetsEncrypt for my DNS company. My cronjob needs access to an API key to post into TrueNAS for the deployment step. I can see, though, where I’d want something similar for other syncing tasks or integration tasks that are not directly supported in TrueNAS.

-c

Wouldn’t then a better feature request be to add support for your DNS provider?

1 Like

Actually I think the better request is “integrate acme.sh into TrueNAS” but I thought that ask was too big. Maybe I should also add that.

-c