For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?

Also do the passwords have to be strong if the db is only available to the service through the docker network?

  • xrun_detected
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    1 year ago

    regarding docker secrets: what @[email protected] said, examples for doing this are here: https://docs.docker.com/compose/use-secrets/

    regarding passwords: maybe you don’t “have to”, but if i’d argue it’s important to build a habit of never using weak passwords anywhere. using strong passwords shouldn’t be/feel like an extra step but part of the normal workflow.

    • towerful@beehaw.org
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      For passwords in software chains, I always think of them as API keys. So, making them 32 or 64 character random strings doesn’t seem ridiculous.