1

My docker-compose file is

version: '3.7'
services:
  postgres:
    image: postgres:10.18-alpine3.14
    container_name: postgres
    hostname: postgres
    environment:
      POSTGRES_USER : admin
      POSTGRES_PASSWORD : Pass@4321
      PGDATA: /var/lib/postgresql/data/pgdata

Here user name and password is plain text. How can I secure my credentials in docker-compose.

Improve this question

1 Answer 1

Reset to default
4

Rather than hardcoding your username and password in your docker-compose.yaml, one option is to replace them with variables, like this:

version: '3.7'
services:
  postgres:
    image: postgres:10.18-alpine3.14
    container_name: postgres
    hostname: postgres
    environment:
      POSTGRES_USER : $POSTGRES_USER
      POSTGRES_PASSWORD : $POSTGRES_PASSWORD
      PGDATA: /var/lib/postgresql/data/pgdata

And then set them in your .env file:

POSTGRES_USER=admin
POSTGRES_PASSWORD=Pass@4321

When you docker-compose up your application, docker-compose will substitute the appropriate values.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

How is this more secure? It's plain text in a file right next to it
@Nephilim by moving the passwords into a .env file, you can share your compose file without also sharing your passwords. The .env file doesn't have to be (in general, should not be) part of your repository. This also makes it easier to use the same passwords in multiple places in your compose file (e.g., if you have an application that needs to interact with postgres).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.