Closed cliaz closed 3 weeks ago
I updated the edge build to be able to read from secrets. You should be able to set the follow variables via secrets:
WYZE_EMAIL
WYZE_PASSWORD
API_ID
API_KEY
WB_USERNAME
WB_PASSWORD
WB_API
You should be able to use secrets with something like:
services:
wyze-bridge:
...
secrets:
- WB_USERNAME
secrets:
WB_USERNAME:
file: /path/to/local/wbuser
Amazing. I will be able to test in about 20 hours and will report back.
Success. This also allows storing the Wyze creds in a file instead of configuring them in the Wyze-bridge WebUI
Details
The following works:
services:
wyze-bridge:
#image: mrlt8/wyze-bridge:latest
image: wyze-bridge-secret-edits # local image with edits from commit #1244 99974be
container_name: wyze-bridge
restart: unless-stopped
extra_hosts: *rpi
ports:
...
secrets:
- WYZE_EMAIL
- WYZE_PASSWORD
- API_ID
- API_KEY
- WB_USERNAME
- WB_PASSWORD
environment:
PUID: 1020
PGID: 1020
# - TOTP_KEY=/run/secrets/wyze_account_totp
# [OPTIONAL] IP Address of the host to enable WebRTC e.g.,:
WB_IP: rpi
secrets:
WYZE_EMAIL:
file: /mnt/...wyze_account_email
WYZE_PASSWORD:
file: /mnt/.../wyze_account_password
WYZE_TOTP:
file: /mnt/.../wyze_account_totp
API_ID:
file: /mnt/.../wyze_api_id
API_KEY:
file: /mnt/.../wyze_api_key
WB_USERNAME:
file: /mnt/...wyze_bridge_webapp_username
WB_PASSWORD:
file: /mnt/...wyze_bridge_webapp_password
Are you able to add the the TOTP_KEY
as well please?
TOTP_KEY is deprecated as wyze has retired the old auth endpoints, and 2fa is not required when using the api key/id.
possible to add secrets to the wiki? sounds like a great option.
Describe the bug
I am trying to use files to store credentials and other secret material. Due to environmental reasons (namely portainer's lack of being able to define a specific .env file), I am not using .env files. Instead, I am using docker secrets.
However, as I am not running docker swarm, I cannot use proper docker secrets. I am instead using this workaround, which is successful with Watchtower and other containers.
The following compose works for Watchtower to retrieve the gmail password from a folder on the local filesystem
However it does not work for wyze-bridge:
The files have
777
perms (for testing), and when I jump into the container I am able to see them mounted and accessible in/run/secrets
Environment (if applicable)