Refactor pgAdmin configuration in docker-compose.yaml to utilize environment variable substitution for sensitive data and improve maintainability.

2025-08-04 19:17:34 +02:00
parent 8eb8638996
commit a9da42a20b
1 changed files with 17 additions and 14 deletions
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -81,8 +81,6 @@ services:
    restart: always
    image: dpage/pgadmin4:9.6.0
    container_name: pgadmin4-ui
-    ports:
-      - "5050:80"
    user: "5050:5050"
    # logging:
    #   driver: loki
@@ -95,20 +93,25 @@ services:
      - backend
      - frontend
    environment:
-      PGADMIN_DEFAULT_EMAIL: "info@phx-erp.de"
-      PGADMIN_DEFAULT_PASSWORD: "123"
+      PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL}
+      PGADMIN_DEFAULT_PASSWORD: ${SUPER_ADMIN_USER_PASSWORD}
      PGADMIN_CONFIG_SERVER_MODE: 'True'
+      PGADMIN_CONFIG_WSGI_SCRIPT_NAME: "'/pgadmin4'"
      PGADMIN_CONFIG_PROXY_X_PROTO_COUNT: 1
      PGADMIN_SERVER_JSON_FILE: '/var/lib/pgadmin/servers.json'
      PGADMIN_REPLACE_SERVERS_ON_STARTUP: 'True'
      PGADMIN_CONFIG_DATA_DIR: "'/var/lib/pgadmin'"
      PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED: 'False'
+
+      # pgpass dynamic vars
      PGPASSFILE: /var/lib/pgadmin/pgpass
-      PGPASS_HOST: "phoenixDB"
-      PGPASS_PORT: 5432
-      PGPASS_DB: "phoenix"
-      PGPASS_USER: "postgres"
-      PGPASS_PASSWORD: ""
+      PGPASS_HOST: ${DB_HOST}
+      PGPASS_PORT: ${DB_PORT}
+      PGPASS_DB: ${DB_NAME}
+      PGPASS_USER: ${DB_USERNAME}
+      PGPASS_PASSWORD: ${POSTGRES_PASSWORD}
+
+      # Other config
      ALLOW_SAVE_PASSWORD: 'False'
      MFA_ENABLED: 'True'
      MFA_FORCE_REGISTRATION: 'False'
@@ -117,13 +120,13 @@ services:
      MAX_LOGIN_ATTEMPTS: 5
      ENHANCED_COOKIE_PROTECTION: 'True'
      SHOW_GRAVATAR_IMAGE: 'True'
-      SECURITY_EMAIL_SENDER: "'No Reply PHX <no-reply@phx-erp.de>'"
-      MAIL_SERVER: "mail.phx-erp.de"
-      MAIL_PORT: 465
+      SECURITY_EMAIL_SENDER: ${SECURITY_EMAIL_SENDER}
+      MAIL_SERVER: ${MAIL_SERVER}
+      MAIL_PORT: ${MAIL_PORT}
      MAIL_USE_SSL: 'False'
      MAIL_USE_TLS: 'False'
-      MAIL_USERNAME: "internal@phx-erp.de"
-      MAIL_PASSWORD: "8Kb2p4!o1"
+      MAIL_USERNAME: ${MAIL_USERNAME}
+      MAIL_PASSWORD: ${MAIL_PASSWORD}
      MAIL_DEBUG: 'False'
    volumes:
      - ./pgadmin/data:/var/lib/pgadmin