For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?

Also do the passwords have to be strong if the db is only available to the service through the docker network?

  • object_Object
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    If the value is still passed as an environment variable in the end, it can be read via /proc/:pid/environ from another container or from the host if they are both using the same UID (or has --cap-add SYS_PTRACE)

    • derpgon
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Oh, didn’t think about that. Well, at least it works.