this post was submitted on 14 Aug 2023
18 points (95.0% liked)

Docker

1255 readers
1 users here now

founded 2 years ago
MODERATORS
erlingur
ProgramPhoenix
Ategon
18
Best practice for docker compose passwords? (lemmy.zip)
submitted 2 years ago by [email protected] to c/docker
7 comments fedilink hide all child comments
 

For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?

Also do the passwords have to be strong if the db is only available to the service through the docker network?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] object_Object 2 points 2 years ago* (last edited 2 years ago) (1 children)

If the value is still passed as an environment variable in the end, it can be read via /proc/:pid/environ from another container or from the host if they are both using the same UID (or has --cap-add SYS_PTRACE)

[โ€“] derpgon 1 points 2 years ago

Oh, didn't think about that. Well, at least it works.