You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Feb 16, 2023. It is now read-only.
Hi,
I have notices an issue with using _FILE environment variables / docker secrets.
I have all my passwords, keys, etc. stored in files, name them in my docker-compose as secrets, give the container access to the needed secrets and then pass them to the environment variable.
For this you usually just append _FILE to any environment variable. For example:
defined secret in the docker-compose:
I had a further look around and it looks like, that secrets and the *_FILE extenstion to environment variables need to be handled in the docker-entrypoint.sh.
Here is an example from the official MYSQL docker image:
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
mysql_error "Both $var and $fileVar are set (but are exclusive)"
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
docker_setup_env() {
# Get config
declare -g DATADIR SOCKET
DATADIR="$(mysql_get_config 'datadir' "$@")"
SOCKET="$(mysql_get_config 'socket' "$@")"
# Initialize values that might be stored in a file
file_env 'MYSQL_ROOT_HOST' '%'
file_env 'MYSQL_DATABASE'
file_env 'MYSQL_USER'
file_env 'MYSQL_PASSWORD'
file_env 'MYSQL_ROOT_PASSWORD'
declare -g DATABASE_ALREADY_EXISTS
if [ -d "$DATADIR/mysql" ]; then
DATABASE_ALREADY_EXISTS='true'
fi
}
Hi,
I have notices an issue with using _FILE environment variables / docker secrets.
I have all my passwords, keys, etc. stored in files, name them in my docker-compose as secrets, give the container access to the needed secrets and then pass them to the environment variable.
For this you usually just append _FILE to any environment variable. For example:
defined secret in the docker-compose:
in the service for paperless-ng:
This does not work with this image (and one other I use). I guess it has to be configured, that it can be used?
The text was updated successfully, but these errors were encountered: