Comments (3)
This is already possible in a way.
You can specify any neo4j configuration option via environment variables (https://neo4j.com/docs/operations-manual/current/installation/docker/#docker-environment-variables) and docker run
supports --env-file
argument to set environment variables from a file.
(https://docs.docker.com/engine/reference/commandline/run/#set-environment-variables--e-env-env-file)
The security implications seem slightly better here than in the approach taken by postgres:
- Host environment: You have a file with the password in it (both approaches)
- Docker environment: You have an environment variable with the password in it (both approaches)
- Docker environment: You have a file with the password in it (only postgres approach)
but I might be missing something else. I'm not sure what
[...] Docker's secrets feature)
is referring to and how that operates.
from docker-neo4j.
Yeah, I was thinking about --env-file but my current setup doesn't allow me to do it easily.
I'm using Rancher and their Secrets (https://docs.rancher.com/rancher/v1.6/en/cattle/secrets/) implementation allows only mounted /run/secrets/mysecret (inside container) files at the moment.
Kubernetes (https://kubernetes.io/docs/concepts/configuration/secret/) has both options for file + environment variable so it will be working even now.
Ideal solution for me would be for images to allow passing sensitive data through files mounted by docker secrets. This would lead to situation when the only place sensitive data is visible is inside docker container through file (where file permissions could be used to further secure it).
Feel free to close this issue. I'll write a wrapper that will suite my needs for now. Hopefully some standard way of dealing with secrets will emerge soon.
from docker-neo4j.
Can we have this?
from docker-neo4j.
Related Issues (20)
- Stopping neo4j to dump database state does not work HOT 2
- neo4j:4.4.16-enterprise Docker image fails when apoc plugin is requested HOT 1
- VSCode can't start a stopped devcontainer HOT 2
- Downloaded Plugin (APOC) File Permission HOT 5
- Missing docker-entrypoint.sh in latest image? HOT 2
- Error using or configuring APOC in GithubAction HOT 1
- Why am I encountering an issue with the GDS library on a Neo4j Docker container on Windows, despite it working on Linux? HOT 5
- Version 4.4.19 fails when installing APOC HOT 3
- Missing proper health check
- chown: changing ownership of '/var/lib/neo4j/conf/neo4j.conf': Read-only file system HOT 1
- Volume inaccessible, although uid and gid match those of the user parameter HOT 2
- my_ip:7474 >> This site canβt be reached HOT 3
- Pods unready/CrashLoopBackOff with message "sed: cannot rename /var/lib/neo4j/conf/sed8pylkX: Operation not permitted" HOT 2
- neo4j-admin:5.10.0 not released on Docker Hub HOT 2
- Unable to mount local config folder with apoc.conf HOT 2
- ERROR: No compatible "graph-data-science" plugin found for Neo4j 5.13.0. HOT 8
- neo4j-admin:5.17.0 not released on Docker Hub HOT 1
- Docker bind only 192.168.58.110 address and not all interfaces HOT 1
- Plugins for "genai","n10s","graphql","graph-algorithms" missing after docker install neo4j:5.18 HOT 3
- Critical/High Severity issues reported by Snyk for neo4j:5.18.1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-neo4j.