I understand this is a simple tool not meant for production, but it would be nice if there is a simple elegant way to accomplish this, as having plain passwords lying around makes many people nervous these days.
As an example, maybe each service can have a separate, optional .env.sh file with contents like:
MYUID=$(id -u)
yyy_password=$(pass docker-compose/services/mssql)
a wrapper is then used to inject the dynamic env before invoking the real docker-compose? This probably means that a gpg passphrase will be needed once for server.sh xxx operation every so often?
# docker-compose-wrapper file
##########
function compose_wrapper() {
if [ -f "../../.usewrapper" ]; then
set -a
[-f ".env.sh"] && source <(cat .env.sh )
set +a
fi
$real_compose "$@"
}
...
compose_wrapper "$@"
##############
I understand this is a simple tool not meant for production, but it would be nice if there is a simple elegant way to accomplish this, as having plain passwords lying around makes many people nervous these days.
As an example, maybe each service can have a separate, optional .env.sh file with contents like:
a wrapper is then used to inject the dynamic env before invoking the real docker-compose? This probably means that a gpg passphrase will be needed once for
server.sh xxxoperation every so often?