I have docker-compose.yaml file containing this data:
services:
db:
image: postgres
restart: always
environment:
POSTGRES_PASSWORD: p2ostgres1
ports:
- '6000:5432'
volumes:
- pgdata:/var/lib/postgresql/data
volumes:
pgdata:
after running docker-compose up
and making some changes to the database, i can access that database again even if I change the password in the POSTGRES_PASSWORD: p2ostgres1
field. I can access the tables and the values inside 'em.
Is that okay? is that safe?
POSTGRES_PASSWORD
is used only once, initially, to set your first password. If the database is already set up (you ran it and did some changes on it), the variable won't be used for anything:
This variable defines the superuser password in the PostgreSQL instance, as set by the initdb script during initial container startup.
If you want to change the password on an already initialised database, you can run an alter role
query as a part of the changes you're applying to it:
ALTER ROLE postgres SET ENCRYPTED PASSWORD 'your_new_password';
If you're testing with connections from within the container, those will not be required to provide any password at all: by default pg_hba.conf
will be set up to trust localhost.