I have a Docker stack running Transmission, which I want to password protect. I know how to pass the Environment variables to the stack using the compose.yaml file, but this leaves the passwords in plain text in a spot where anyone can see them if they have access to the file.
I looked into .env files, and I was able to set up an .env file with the variables I want, and it works if the file is in the same folder as the compose file. However, I’d like to move the .env file to a more secure location, where the local config files for Transmission are, so that everything for this stack is in one place and I can easily recreate / restore it from backup if needed, instead of chasing down files in multiple locations.
I’ve set up a “test” user & stack to figure this out and debug before I set this up in a more stable environment. (This is on TrueNAS 20.10.1, Electric Eel, for the record.)
The path to the (preferred) location for the .env file is:
/mnt/data/home/test/Apps/transmission/transmission.env
When I try to launch the stack, I get the following message:
Failed to load /mnt/data/home/test/Apps/transmission/transmission.env: open /mnt/data/home/test/Apps/transmission/transmission.env: no such file or directory
The directory with the .env file in it also contains the config files for Transmission itself, and the stack and app run if I don’t reference the .env file (or reference it in another location), so I know the directory is accessible by Docker.
What could I be missing, that it can’t find the .env file in my test home directory, even though it can find the other config files for Transmission?
Compose file for reference:
services:
transmission:
image: lscr.io/linuxserver/transmission:latest
container_name: transmission-test
env_file:
- transmission.env
# - /mnt/data/home/test/Apps/transmission/transmission.env
environment:
- PUID=568
- PGID=568
- TZ=America/New_York
volumes:
- /mnt/data/home/test/Apps/transmission:/config
- /mnt/data/home/test/Torrents:/downloads
- /mnt/data/home/test/Torrents/watch:/watch
ports:
- 30097:9091
- 51414:51413
- 51414:51413/udp
restart: unless-stopped
networks: {}