search

coollabsio / pocketbase

Unofficial Pocketbase docker images for ARM & AMD
52 stars 12 forks source link

Support encryption environment #31

Closed janbiasi closed 1 month ago

janbiasi commented 2 months ago

Would it be an option to switch from CMD to ENTRYPOINT to support setting the encryptionEnv via the docker-compose.yml file? I'd be open to submit a PR for that if nothing speaks against the change :)

My goal:

services:
  pocketbase:
    image: 'ghcr.io/coollabsio/pocketbase:latest'
    environment:
      - SERVICE_FQDN_POCKETBASE_8080
      - ENCRYPTION_KEY=$ENCRYPTION_KEY
    command:
      - --encryptionEnv 
      - ENCRYPTION_KEY
    volumes:
      - 'pocketbase-data:/app/pb_data'
      - 'pocketbase-hooks:/app/pb_hooks'
      - 'pocketbase-migrations:/app/pb_migrations'
    healthcheck:
      test: wget --no-verbose --tries=1 --spider http://0.0.0.0:8080/api/health || exit 1
      interval: 5s
      timeout: 5s
      retries: 5

Background: I don't want to submit plain text secrets when creating backups to an external storage.

greendesertsnow commented 2 months ago

please this is an important issue.

orenaksakal commented 2 months ago

Hi @janbiasi

sounds great, please feel free to open a PR 👍

orenaksakal commented 1 month ago

This change is merged ty for your contribution