#Here are the steps to use Docker secrets on a swarm manager:
#Create some secrets:
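# printf '%s' writes the value without the trailing newline that echo would
# store inside the secret, and the final "-" tells docker to take the secret
# data from stdin (without it docker does not read the piped value).
# Replace the placeholders with the real keys. A key typed inline like this is
# kept in shell history; creating the secret from a file instead
# (docker secret create bot_api_key <path-to-key-file>) avoids that.
printf '%s' "YOUR_BOT_API_KEY" | docker secret create bot_api_key -
printf '%s' "YOUR_YT_API_KEY" | docker secret create yt_api_key -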
#This will create two secrets named bot_api_key and yt_api_key,
#and will set their values to YOUR_BOT_API_KEY and YOUR_YT_API_KEY respectively.
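#Start a service with the secrets attached:
#Secrets are only delivered to swarm services, so the container has to be
#started with `docker service create`; a plain `docker run -v bot_api_key:...`
#would mount empty named volumes instead of the secrets.
docker service create --name my-service --secret bot_api_key --secret yt_api_key my-image
#This grants the service access to the secrets bot_api_key and yt_api_key,
#and mounts them as read-only files in the container at /run/secrets/bot_api_key
#and /run/secrets/yt_api_key respectively.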
#An example of the above using a compose file:
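# Stack file for swarm mode; deploy it with `docker stack deploy`.
version: '3.7'
services:
  my-service:
    image: my-image
    # Each secret listed here is mounted in the container as a file at
    # /run/secrets/<secret_name>.
    secrets:
      - bot_api_key
      - yt_api_key
    # NOTE: `restart` is ignored by `docker stack deploy`; in swarm mode the
    # equivalent setting is deploy.restart_policy.
    restart: always
secrets:
  # external: true means the secret must already exist in the swarm (created
  # with `docker secret create`); this file never contains the secret value.
  bot_api_key:
    external: true
  yt_api_key:
    external: true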
#By using Docker secrets, you can avoid exposing sensitive information such as API
#keys in the Docker inspect output. This is better than having sensitive information in docker-compose files or environment variables.
#For non-swarm setups, we can use the example below in a docker-compose file, using an env variable:
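version: '3.7' # Use an appropriate version that supports secrets and configs
services:
  cloudflared:
    image: cloudflare/cloudflared:latest
    # Compose substitutes $CLOUDFLARED_TOKEN from the environment of the shell
    # that runs docker-compose. The token therefore becomes part of the
    # container's command line, where `docker inspect` and the process list
    # show it in clear text.
    command: tunnel --no-autoupdate run --token $CLOUDFLARED_TOKEN
    environment:
      # NOTE(review): no `secrets:` entry in this file mounts anything at
      # /run/secrets/cloudflared_token, so this path is not populated as
      # written. A file-based Compose secret (top-level `secrets:` with
      # `file:`) plus a service-level `secrets:` list would be needed to
      # create it. Also confirm that cloudflared reads this variable.
      - CLOUDFLARED_TOKEN_FILE=/run/secrets/cloudflared_token
    restart: always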
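#When running compose you can define the secret for that single invocation.
#Typing CLOUDFLARED_TOKEN=your_token inline would save the token in shell
#history, so prompt for it instead (read -s is a bash feature and does not
#echo the input to the terminal):
read -rs -p 'Cloudflared token: ' CLOUDFLARED_TOKEN
printf '\n'
#The prefix assignment exports the value to docker-compose only.
CLOUDFLARED_TOKEN="$CLOUDFLARED_TOKEN" docker-compose up -d
#Drop the token from the interactive shell once compose has started.
unset CLOUDFLARED_TOKEN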
Setup jump host with VPN client
Setting up a jump host VPN client to access your network.