questions about docker secrets

[aleprovencio]

Following this last docker-compose example on the official README, it uses a docker secret that has passwords for the postgres and odoo user.

Although I have not tested using the secret in a swarm context using docker secret commands, I realized that this will have permission issues for secret file created with restrictive permissions (i.e, root owned, 600) probably because this image runs as odoo user instead of root.

I've also seen this issue still not closed although there was already this merge.

Anyways, are there any additional thoughts about this?

[lathama]

There are many gaps here. Currently inside the container the password is exposed in some ways. If password management is an issue I would suggest building the containers with an altered entrypoint.sh and a fully populated odoo.conf

Good question btw

[lathama]

@aleprovencio in an effort to clean up the issue queue can you close this if you have what you need?

[aleprovencio]

Sure, and thanks for considering this @lathama