When running a PostgreSQL database in a Docker container, the documentation for the official PostgreSQL Docker Image specifies that the administrator password should be set in an environmental variable like:
docker run --name some-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres
For those that do not want to hard-code a plain-text password in their scripts, are there more secure options to consider?
Injecting configuration settings as environment variables is the approach to application configuration recommended by the 12 factor app website.
- http://12factor.net/config
Alternatively you could create your own container that reads it's configuration from custom configuration file:
docker run -d mydockerapp --config mydevconfig.yaml
But really the use of environment variables has the edge in terms of flexibility because it is ubiquitous across all platforms. To make environment variables more palatable you could specify them within a file. This at least will ensure a malicious user on the same machine could not glean credentials from a process listing:
$ cat env.db
POSTGRES_DB=myappdb
POSTGRES_USER=admin
POSTGRES_PASSWORD=pleasechangeme
$ docker run --name postgres --env-file=env.db -d postgres
Finally, I discovered that there are a number of outstanding feature requests for better secret support by docker:
- https://github.com/docker/docker/issues/13490
In my experience convenience has a habit of trumping security, so I imagine it will take time for an acceptable solution to gain sufficient mind-share. Personally I forsee a solution emerging that emulates what the Kubernetes project is doing with encrypted data volumes:
- https://kubernetes.io/docs/concepts/configuration/secret/