Comments (8)
There probably is - surely you can extract that using your config management of choice and inject it into the containers conf.php. Unfortunately I don't think any of the maintainers has any AWS or knowledge on the subject, so I'd recommend looking for further details answer in the AWS customers forums or helpdesk. There may be mechanisms for the AWS PHP SDK to pick this up from environment variables, if the right ones get passed through to the container, but I'm no expert on that subject either.
from docker-nginx-fpm-alpine.
We have just released PrivateBin 1.5.2 which includes a feature that should let the AWS SDK use the default credentials provider chain, which will look for credentials in a few places automatically, including environment variables or instance roles, if the credentials
are not set in the configuration file. For details on these credential options, see the SDK's documentation on the default credentials provider chain. Please let us know if this covers your use case.
from docker-nginx-fpm-alpine.
Hey @elrido, I had the same issue trying the new image today, as we chat at the time, there are some missing env vars to be made available to php-fpm, I'm opening a PR with a possible fix so you can review it.
from docker-nginx-fpm-alpine.
Hi @guohaolee, if you see #158, @elrido mentioned there's a new Docker image available with tag 1.5.2-alpine3.18.2-aws-env
with a fix to allow IAM roles to be used with the Docker image. You should be able to deploy it using IAM roles now.
from docker-nginx-fpm-alpine.
Thanks @fenak ! I have tested it and it's working now!
Are we going to standardise the tag in future with the current S3 tags?
from docker-nginx-fpm-alpine.
@guohaolee I'm not involved with the project, just contributed with the feature, but from what I can see here on https://hub.docker.com/r/privatebin/nginx-fpm-alpine/tags the 1.5.2
got updated, it has the same hashes as 1.5.2-alpine3.18.2-aws-env
. So, if you haven't pulled the images yet, or you can force the images to be pulled again in case the old ones are cached on your instance, you should be able to use 1.5.2
. As this is fixed now, any future release should be fine, wouldn't need a specific tag to work with the AWS stuff.
from docker-nginx-fpm-alpine.
@guohaolee Just confirming that fenak is correct. The tagging scheme used is documented at https://github.com/PrivateBin/docker-nginx-fpm-alpine#image-tags
In a nutshell, 1.5.2-... is the immutable tag for that specific change and whenever one is produced (usually when the alpine base image gets updated) 1.5.2 (and "stable") gets re-tagged to that latest image.
Some users prefer to use the immutable tags to ensure they can track what got deployed, others prefer to use "stable" and have a mechanism that refreshes these when new ones get pushed. We hope this accommodates either use case.
from docker-nginx-fpm-alpine.
@fenak @elrido Thanks for the update.
It works fine with the 1.5.2 tags!
Once again thank you so much for implementing this! This definitely help in security wise as we don't need to manage any keys at all!
from docker-nginx-fpm-alpine.
Related Issues (20)
- Disable/remove nginx for services that already provide a reverse proxy? HOT 4
- Size limit not reflected in php.ini HOT 4
- ZAP Full Scan Report HOT 3
- upgrade to PHP 8.2
- Wrong size limit error HOT 3
- Could not create paste - permissions error? HOT 4
- Can be deleted. HOT 1
- ZAP Full Scan Report
- php-fpm81: No such file or directory HOT 5
- Invoking dark mode through environment variables HOT 2
- ZAP Full Scan Report HOT 3
- Can't override Nginx client_max_body_size 15M - Duplicate Directive HOT 1
- Getting SLSA ("Supply-chain Levels for Software Artifacts") compliance HOT 2
- docker image creates volume HOT 2
- docker image privatebin/fs:latest still includes zlib-1.2.13-1.js (instead of 1.3) HOT 5
- Dark mode HOT 1
- ZAP Full Scan Report
- ZAP Full Scan Report HOT 2
- Getting `reading response header from upstream` error when trying to create new secrets with 1.7.2 on S3 HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-nginx-fpm-alpine.