~/Blog

Brandon Rozek

Photo of Brandon Rozek

PhD Student @ RPI studying Automated Reasoning in AI and Linux Enthusiast.

Docker Secrets

Published on

Updated on

I try to keep secrets such as passwords and keys out in their own separate files so that I can .gitignore them and commit the rest of my configuration. With docker-compose we can do that with the env_file field. Here is an example with a postgres configuration:

database:
  image: postgres:13.4
  container_name: database
  hostname: database
  env_file:
    - Volumes/database/docker.env
  volumes:
    - Volumes/database/var/lib/postgresql/data:/var/lib/postgresql/data

Then in Volumes/database/docker.env I can have a file with the secrets as key-value pairs:

POSTGRES_USER=user
POSTGRES_PASSWORD=389ed93045c84cc0828c4310e6ef76ce
POSTGRES_DB=database
Reply via Email Buy me a Coffee
Was this useful? Feel free to share: Hacker News Reddit Twitter