Cutlery/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-05-24 01:12:54 -04:00
Code Issues Packages Projects Releases Wiki Activity

Setting backend passwords with docker compose secrets (#3656)

Browse Source 
Co-authored-by: Kuchenpirat <24235032+Kuchenpirat@users.noreply.github.com>
This commit is contained in:
aljora 2024-05-29 05:53:24 -04:00 committed by GitHub
parent 831cd9c543
commit 445754c5d8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/docs/documentation/getting-started/installation/backend-config.md
View File

@ -138,6 +138,28 @@ Setting the following environmental variables will change the theme of the front
| THEME_DARK_WARNING | #FF6D00 | Dark Theme Config Variable |
| THEME_DARK_ERROR | #EF5350 | Dark Theme Config Variable |
### Docker Secrets
Setting a credential can be done using secrets when running in a Docker container.
This can be used to avoid leaking passwords through compose files, environment variables, or command-line history.
For example, to configure the Postgres database password in Docker compose, create a file on the host that contains only the password, and expose that file to the Mealie service as a secret with the correct name.
Note that environment variables take priority over secrets, so any previously defined environment variables should be removed when migrating to secrets.
```
services:
mealie:
...
environment:
...
POSTGRES_USER: postgres
secrets:
- POSTGRES_PASSWORD
secrets:
POSTGRES_PASSWORD:
file: postgrespassword.txt
```
[workers_per_core]: https://github.com/tiangolo/uvicorn-gunicorn-docker/blob/2daa3e3873c837d5781feb4ff6a40a89f791f81b/README.md#workers_per_core
[max_workers]: https://github.com/tiangolo/uvicorn-gunicorn-docker/blob/2daa3e3873c837d5781feb4ff6a40a89f791f81b/README.md#max_workers
[web_concurrency]: https://github.com/tiangolo/uvicorn-gunicorn-docker/blob/2daa3e3873c837d5781feb4ff6a40a89f791f81b/README.md#web_concurrency

2
mealie/core/settings/settings.py
View File

@ -242,7 +242,7 @@ class AppSettings(BaseSettings):
# Testing Config
TESTING: bool = False
model_config = SettingsConfigDict(arbitrary_types_allowed=True, extra="allow")
model_config = SettingsConfigDict(arbitrary_types_allowed=True, extra="allow", secrets_dir="/run/secrets")
def app_settings_constructor(data_dir: Path, production: bool, env_file: Path, env_encoding="utf-8") -> AppSettings: