search

harleylang / hydroxide-docker

Docker configuration examples for the hydroxide package
MIT License
15 stars 3 forks source link

Remove plain password input into environmental vars #1

Open harleylang opened 4 years ago

harleylang commented 4 years ago

See: https://github.com/emersion/hydroxide/issues/109#issuecomment-658490964

arichtman commented 3 years ago

I note that comment linked is around the TLS wrapper security - I can add that by adding a Traefik service into the Docker-Compose. However the title for this issue is talking about plain password input - I can see a few issues around security - shall I just add them myself seperately?

harleylang commented 3 years ago

@arichtman yes any PRs that seeks to tighten the security of the Dockerfile / docker-compose (including best practices for inputting / storing passwords) are welcome!!!