Hi, store your secrets as bash script with
key=value and include the secret in your start script . /run/secrets/credentials.sh Now the secrets are available as shell environment. Regards, Mike > On 5. May 2020, at 22:16, Alex Soto <[email protected]> wrote: > > I found using Docker Secrets a convenient a way to protect passwords when > running Docker containers. I know I can reference an environment variables > in Karaf's config files, but that is not very secure, or at least less secure > than secrets. For example, to configure a key store in the Pax Web config > file: org.ops4j.pax.web.cfg one would need to provide a value for key > org.ops4j.pax.web.ssl.password. The problem is how to reference a secret, > which is a file, as the value of this property? In other words, I am > looking for something like: > > org.ops4j.pax.web.ssl.password=$(cat /run/secrets/keystorepass) > > Is there anything similar or planned? > > (Same would be useful to configure the JAAS users in users.properties, etc.) > > Best regards, > Alex soto > > > >
signature.asc
Description: Message signed with OpenPGP
