• Recent
  • Popular
  • Unsolved
  • Categories
  • Tags
  • Chat
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
SysAdmins Zone Logo

Using Infisical for Docker Composer Secrets

Scheduled Pinned Locked Moved Guides
secretssecuritydocker
2 Posts 2 Posters 67 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • tankerkiller125T Offline
    tankerkiller125T Offline
    tankerkiller125 Admin
    wrote on last edited by tankerkiller125
    #1

    After running into Infisical by chance, I was really interested in using it for Docker secrets (because I don't like dealing with Hashicorp vault) and I found their documentation kind of lacking for docker compose in particular because they basically assume that your a developer building a docker image (instead of a pre-built one). With this guide I want to point out another way to use it.

    For this guide I'm using self-hosted Infisical, and Ubuntu Server with the latest version of Docker and compose v2.

    Installing Infisical Docker Compose

    Infisical has some very good documentation for doing this in their docker compose self-hosted docs so I won't repeat them here. Just know that you either need to do this, or use the cloud hosted version for anything else.

    Install Infisical CLI

    For Ubuntu you can run the following commands:

    curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | sudo -E bash

sudo apt update && sudo apt install -y infisical

    For other linux distros you can use the commands in their docs.

    Using with docker compose

    For use with docker compose you would create docker compose file like:

    version: "3.7"
services:
  test:
    environment:
      - MY_VAR=${INFCAL_MY_VAR}
    image: alpine:latest
    entrypoint:
      - printenv

    In Infiscal you would configure environment variable to be INFCAL_MY_VAR with whatever value you want. From here you then would get the service token for use and then run the following commands:

    export INFISICAL_TOKEN=*****

# Only if your self-hosting Infrisical
export INFISICAL_API_URL=https://yourdomain.com/api

docker compose --env-file <(infisical export --format=dotenv) up

    Once you run the docker compose command, you should see the console output of the alpine image and it should display the environment variables in which MY_VAR should be displayed with the contents you set in Infisical.

    Known Issues

    The only known issue I have found so far is that you can't use "multi-line" environment variables. Otherwise everything seems to work exactly as it's supposed to.

    1 Reply Last reply
    0
  • katosK Offline
    katosK Offline
    katos Admin
    wrote on last edited by
    #2

    Definitely need to give this a try!
    Thanks for the guidance tankerkiller125

    1 Reply Last reply
    0

© Copyright 2023, SysAdmins Zone.
Terms of Service | Privacy Policy
  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Recent
  • Popular
  • Unsolved
  • Categories
  • Tags
  • Chat
  • Login
  • Don't have an account? Register
  • Login or register to search.