Postgres: Provide a better way to pass the password to the container
I don't like setting the password with an environment variable because environment variables can be viewed with 'docker inspect'. Can you provide a way to pass the password by mounting a file to the container and read the password from that file?
For example something like this:
$cat secret
export POSTGRES_PASSWORD=mysecretpostgrespassword
$ sudo docker run -v $(pwd):/tmp --name some-postgres -d postgres
and then in docker-entrypoint.sh read/source the password from /tmp/secret .
Thank you
PS:
I tried to do something like this:
$sudo docker run -v $(pwd):/tmp --entrypoint /bin/bash --name some-postgres -d postgres "source /tmp/secret >> docker-entrypoint.sh"
but this resulted in:
/bin/bash: source /tmp/secret >> docker-entrypoint.sh: No such file or directory
bladnor
All 8 comments
I'm having the same concern.
Unfortunately in researching it I think I have learned that this issue was formally identified in Docker itself back in May of last year and is still not a solved problem.
jdmarshall
on 8 Jan 2016
Allowing malicious users to run docker inspect (or generally docker ...) command is already a security breach so there is no gain in hiding password form environment other than over-engineering.
PostgreSQL supports GSSAPI and Kerberos authentication which can be used if you really need more complex access management.
mmarzantowicz
on 15 Feb 2016
I think it would be worthwhile to add a note to the documentation for POSTGRES_PASSWORD pointing out that users concerned about security ought to change this initial password after the database is initialized, perhaps with a short example of the easiest/quickest way to do so.
tianon
on 29 Aug 2016
There are other applications besides Postgres that need credentials.
Postgres is sort of a touchy subject from a Docker standpoint anyway. The combined awkwardness of the data volume solution, lazy initialization of the database which ensues, avoiding nuking your data, especially in dev and integration, race conditions caused by this with docker-compose and a handful of others that I'm forgetting...
I ended up creating my own initialization scripts which I ran offline that would spool up just psql, initialize the database, create my users (read and read-write), change the default password and optionally import a database backup, which I run separately from my code-build-test and build-deploy-test cycles. (this was a godsend when it came time to test migration scripts)
jdmarshall
on 29 Aug 2016
I think https://github.com/docker-library/postgres/pull/225 should be helpful here.
tianon
on 20 Jan 2017
TL;DR If you are using a swarm:
version: "3.1"
services:
database:
image: postgres:9.6
environment:
POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password
secrets:
- postgres_password
secrets:
postgres_password:
external: true
phs
on 10 Apr 2017
Ah, thanks for the prod (and the example config), @phs! I'm going to close since this was implemented in #225 with the _FILE environment variables. :+1:
tianon
on 10 Apr 2017
@phs example works without swarm too in docker-compose.yml, e.g.
secrets:
postgres_password:
file: ./docker_postgres_password
shadiakiki1986
on 25 Apr 2018
Related issues
roks0n
路
4Comments
mcnesium
路
3Comments
phanikumarp
路
3Comments
Enelar
路
4Comments
harrybvp
路
4Comments
Most helpful comment
TL;DR If you are using a swarm: