this post was submitted on 14 Aug 2023
19 points (100.0% liked)

Docker

1080 readers
1 users here now

founded 1 year ago
MODERATORS
ProgramPhoenix@programming.dev
Ategon@programming.dev
erlingur@programming.dev
19
Best practice for docker compose passwords? (lemmy.zip)
submitted 1 year ago by hyper@lemmy.zip to c/docker@programming.dev
6 comments fedilink hide all child comments
 

For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?

Also do the passwords have to be strong if the db is only available to the service through the docker network?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] xrun_detected@programming.dev 5 points 1 year ago* (last edited 1 year ago) (1 children)

regarding docker secrets: what @jormaig@programming.dev said, examples for doing this are here: https://docs.docker.com/compose/use-secrets/

regarding passwords: maybe you don't "have to", but if i'd argue it's important to build a habit of never using weak passwords anywhere. using strong passwords shouldn't be/feel like an extra step but part of the normal workflow.

[โ€“] towerful@beehaw.org 5 points 1 year ago

For passwords in software chains, I always think of them as API keys. So, making them 32 or 64 character random strings doesn't seem ridiculous.