More about hiding a mill behind CF auth

You can’t do it

at least if you want to have sync capabilities. While service tokens give you a key-secret pair to pass as headers with requests, I’d have to modify the wmill cli source and rebuild my own in order to set custom headers to include that stuff, so forget it. Way out of scope for my needs.

In the meantime I am interested in in at some point editing the sync script make a commit for each folder with changed files. Not a priority, but eventually.

EDIT 5 minutes later

I just realized this would also require you to attach custom headers to a request to any of the other ways you’d want to interact with a wmill server - basic functionalities like using Apps, making requests to webhooked scripts or flows, and the entire SMTP server, are all impossible without modifying windmill source code.

So forget that entirely. Just set good auth on the instance, the features are there :)