Secrets with Stacks

Files

~> ls
docker-compose.yml psql_password.txt psql_user.txt

• Version of Compose file has to be 3.1+

docker-compose.yml

version: "3.1"

services:
  psql:
    image: postgres
    secrets:
      - psql_user
      - psql_password
    environment:
      POSTGRES_PASSWORD_FILE: /run/secrets/psql_password
      POSTGRES_USER_FILE: /run/secrets/psql_user

secrets:
  psql_user:
    file: ./psql_user.txt
  psql_password:
    file: ./psql_password.txt

Output

~> docker stack deploy -c docker-compose.yml mydb
Creating network mydb_default
Creating service mydb_psql

~> docker secret ls
ID                          NAME                 CREATED             UPDATED
1q02hc2t9o0kvp06ikdkxzb8w   mydb_psql_user       22 seconds ago      22 seconds ago
kab8nkt34v3viwpcybfrhaedb   mydb_psql_password   22 seconds ago      22 seconds ago

~> docker stack rm mydb
Removing service mydb_psql
Removing secret mydb_psql_user
Removing secret mydb_psql_password
Removing network mydb_default