You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Can we get support for using Docker secrets as a how we configure database connection details, as well as other secrets like the APP_SECRET?
Specifically support them using the same method Postgres (I think postgres does this...) and MariaDB. Where you can use the plain "MARIADB_USER" environment variable if you want, but you can also use "MARIADB_USER_FILE" and point at where Docker mounts the secret for your username.
Individual variables/secrets for each part of the database url would be nice as well. That lets you use the same secret on both app and database services.
Why
Using environment variables does not make it easy to keep secrets out of git, or other places they shouldn't be.
In my specific use case, I am deploying to docker swarm via Portainer, and I'm using a git repo as the source for my stack. Which means I have to commit my database connection details in plain text, or store them in Portainer as plain text.
I'd much rather place them in a Docker secret. (And, eventually, use OpenBao/Hashicorp Vault to manage them...)
Thanks!
(Also, thanks for creating a good, Open Source, stats app. I definitely appreciate being able to dump Google in at least a couple more places.)
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
What
Can we get support for using Docker secrets as a how we configure database connection details, as well as other secrets like the APP_SECRET?
Specifically support them using the same method Postgres (I think postgres does this...) and MariaDB. Where you can use the plain "MARIADB_USER" environment variable if you want, but you can also use "MARIADB_USER_FILE" and point at where Docker mounts the secret for your username.
Individual variables/secrets for each part of the database url would be nice as well. That lets you use the same secret on both app and database services.
Why
Using environment variables does not make it easy to keep secrets out of git, or other places they shouldn't be.
In my specific use case, I am deploying to docker swarm via Portainer, and I'm using a git repo as the source for my stack. Which means I have to commit my database connection details in plain text, or store them in Portainer as plain text.
I'd much rather place them in a Docker secret. (And, eventually, use OpenBao/Hashicorp Vault to manage them...)
Thanks!
(Also, thanks for creating a good, Open Source, stats app. I definitely appreciate being able to dump Google in at least a couple more places.)
Beta Was this translation helpful? Give feedback.
All reactions