HereHere
HereHere

Reputation: 762

docker-compose secrets without swarm

I don't want to use docker secrets with swarm and I discovered that it's possible to do that. Basically docker just mounts /run/secrets inside docker container, but when I enter the newly built docker container and do echo $POSTGRES_PASSWORD_FILE I get the path to my secret file.

root@94a0f092eeb1:/# echo $POSTGRES_PASSWORD_FILE
/run/secrets/db_password

Here is my docker-compose.yml file

version: '3.1'
services:
    postgres:
        image: postgres:9.4
        container_name: postgres
        environment:
            POSTGRES_USER: "db_user"
            POSTGRES_PASSWORD_FILE: /run/secrets/db_password
            POSTGRES_DB: "my_db"
        secrets:
          - db_password
        volumes:
            - ./postgres:/var/lib/postgresql/data
        expose:
            - 5432
secrets:
   db_password:
     file: ./POSTGRES_PASSWORD.txt

Is my password set correctly/ Is there something wrong with my file?

Upvotes: 19

Views: 17712

Answers (1)

HereHere
HereHere

Reputation: 762

Ok, so all I had to do is to remove

volumes:
    - ./postgres:/var/lib/postgresql/data

I'll try to figure out how to fix it, but essentially I answered my own question.

Here is a working example of docker-compose.yml file with secrets without using docker swarm:

version: '3.1'
services:
    postgres:
        image: postgres:9.4
        container_name: postgres
        environment:
            POSTGRES_USER: "db_user"
            POSTGRES_PASSWORD_FILE: /run/secrets/db_password
            POSTGRES_DB: "my_db"
        secrets:
          - db_password
        ports:
            - "8888:5432"
secrets:
   db_password:
     file: ./POSTGRES_PASSWORD

Upvotes: 15

Related Questions