[SR-Users] DBURL password in clear

Jurijs Ivolga jurijs.ivolga at gmail.com
Fri Nov 17 08:02:02 CET 2017

Hi Robert,

I'm not security expert and I'm quite new in docker, but I think password
in Docker container which will be in clear text saved somewhere should not
be a problem, as far as you do not save this password to image or git and

I think best way for you is to use docker secret and generate then config
file for Kamailio using this docker secrets and then start Kamailio and for
all of this you need to write some kind of Entrypoint script. Here is
example how something similar do Homer Sipcapture, they set environment
variables in docker-compose and then generate config file based on this,
but you can use probably docker secrets instead of environment variables:


I found one more interesting link regarding docker secrets:


With kind regards,


On Thu, Nov 16, 2017 at 11:58 PM, Robert <robert at vooey.co.uk> wrote:

> That’d presumably leave the clear text footprint I'm trying to avoid,
> albeit in a non-Kamailio file. I’ve made a start on an approach to read
> from a file, Docker secrets are basically just files, but the Docker
> platform handles them securely.
> Thanks - Robert...
> > On 16 Nov 2017, at 21:46, Bastian Triller <bastian.triller at gmail.com>
> wrote:
> >
> > isn't using a group in the db URL an option? Generate some .cnf in
> > /etc/mysql/conf.d (or where MySQL searches its configuration in a
> > Docker container) from the secret and use the group in your db URL in
> > kamailio.cfg.
> >
> > http://www.kamailio.org/docs/modules/5.0.x/modules/db_mysql.html#idp419
> > 97212
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20171117/da3364da/attachment.html>

More information about the sr-users mailing list