If I understand it correctly, in order to use secrets properly I need to use docker swarm.
Once I did a 'docker swarm init', portainer noticed the difference and put back everything in the swarm : running containers, existing stacks, etc.. However after adding a secret to the secrets section now available in portainer, a stack I am trying to setup cannot find the corresponding secret.
Here is the compose : https://pastebin.com/H1wnBLjy
And if I try running ls /run/secrets/ in the container I get this error :
Error response from daemon: Container xxx is restarting, wait until the container is running
The logs keep repeating this :
Loading configuration from /wiki/config.yml... OK
DB_PASS_FILE is defined. Will use secret from file.
Failed to read Docker Secret File using path defined in DB_PASS_FILE env variable!
ENOENT: no such file or directory, open '/run/secrets/db_passwd'
I tried removing the containers then setting them up again, restarting them, nothing works so far.
For info, it is run on a Swarm 20.10.7 with portainer 2.6.3, on a debian buster host.
What have I done wrong ?
Thanks for your help.
Well my bad, thing is if an env var is not explicitely defined it cannot be used. I thought adding _FILE to any env was enough to make it understands that it will be passed through a file, but I learned that it is not the case. So secrets are available in general, but if not defined in the image it is a no-go.