Open kafeinnet opened 6 years ago
Thanks for the issue, @kafeinnet
Docker secrets is available in docker 1.13 or higher. I primarily use CoreOS to host my containers and docker 1.13 is not available just yet (see: https://coreos.com/releases ). I can make the suggested changes. Would you be OK with the entrypoint script checking for the existence of secrets using the same naming convention as the environment variables? Example:
/run/secrets/DATABASE_ADMIN_PASSWORD
Yep, that would be perfect.
Hi @kafeinnet
Please check the newest version of the latest tag and let me know if it works for you 😄
There is a typo (some spaces around =) when you read the content of the secret files which cause an error. Beside that, it works perfectly.
I made a pull request ( #87 ) with the typo corrected and a new option I needed for my setup. Fell free to merge it.
\fab
Hi @kafeinnet
Oops! Thanks for finding and fixing it 👍
Hi,
Env vars are insecure. So, passwords like the mysql one should be retrieved from docker secrets instead of env vars.
Maybe the entrypoint script could source secret if any is provided (/run/secrets/*), then get password from env var if no secret is present, then default to a random value.
\fab