Support for environment variables and files #98
Comments
|
It is actually already supported. Nice to see you back 😉 |
|
Oh, my bad, have not checked the code, only documentation. I too like your project to forget about it :) |
|
Yeah, not the secret files. |
|
Here is my workaround for secret files with MySQL DB deploy docker swarm command
version: "3.9"
services:
db:
image: mysql
ports:
- 3306:3306
environment:
TZ: "Asia/Yekaterinburg"
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/dbpwd-root
MYSQL_DATABASE: traccar
MYSQL_USER: traccar
MYSQL_PASSWORD_FILE: /run/secrets/dbpwd-traccar
command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --skip-log-bin
volumes:
- ./db/data:/var/lib/mysql:rw
secrets:
- dbpwd-root
- dbpwd-traccar
traccar:
image: traccar/traccar:ubuntu
ports:
- 8082:8082
- 5000-5245:5000-5245
- 5000-5245:5000-5245/udp
environment:
CONFIG_USE_ENVIRONMENT_VARIABLES: "true"
DATABASE_DRIVER: "com.mysql.cj.jdbc.Driver"
DATABASE_URL: "jdbc:mysql://db:3306/traccar?allowPublicKeyRetrieval=true&useSSL=false&allowMultiQueries=true&autoReconnect=true&useUnicode=yes&characterEncoding=UTF-8&sessionVariables=sql_mode=''"
DATABASE_USER: traccar
DATABASE_PASSWORD_FILE: /run/secrets/dbpwd-traccar
volumes:
- ./traccar/logs:/opt/traccar/logs:rw
- ./traccar/entrypoint.sh:/usr/local/bin/entrypoint.sh:ro
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
entrypoint: /usr/local/bin/entrypoint.sh
depends_on:
- db
secrets:
- dbpwd-traccar
secrets:
dbpwd-root:
file: secrets/db_root_password
dbpwd-traccar:
file: secrets/db_traccar_passwordThe workaround itself, fill password environment variables from secret files. #!/bin/bash
## Set environment variables by their respective secrets
supportedSecrets=( "DATABASE_PASSWORD"
"MAIL_SMTP_PASSWORD"
"LDAP_PASSWORD"
)
for secret in ${supportedSecrets[@]}; do
envFile="${secret}_FILE"
if [ $(printenv ${envFile}) ]; then envFileName=`printenv ${envFile}`; fi
if [[ ${!envFile} && -f "$envFileName" ]]; then
val=`cat $envFileName`
export "${secret}"="$val"
echo "${secret} environment variable was set by secret ${envFile}"
fi
done
java -Xms1g -Xmx1g -Djava.net.preferIPv4Stack=true -jar tracker-server.jar conf/traccar.xml
DB passwords are stored in The only problem that we need |
|
Any update on this? When can we use docker secret without having to use a script as a workaround? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm not sure if this is correct repo, but it is more related to docker.
It would be good to add support server configuration via environment variables, especially database config.
Editing config file is not that usual flow used by docker.
Also it would be good to support file variables for secrets https://docs.docker.com/engine/swarm/secrets/
The text was updated successfully, but these errors were encountered: