This is an automated archive made by the Lemmit Bot.

The original was posted on /r/unraid by /u/CodyDuncan1260 on 2023-08-30 07:30:43.

Hey r/Unraid!

I’m trying to secure my Unraid server. So far, I have:

• docker-compose
• running an immich server behind it’s immich_proxy (nginx)
• traefik in front of that, with cloudflare dns challenge setup for ssl.
• port forward only port 443 on the router.
• cloudflare tunnel (cloudflared) in front of that to hide my ip.
• root password set

But all of my API keys, passwords, and tokens are stored on .env and docker-compose.yml files. That seems unsafe.

• How do I setup docker-compose secrets on unraid? Should I?
• How do I point the secrets at the secret files? All the tutorials use “./password.txt”, but I don’t know where “.” is for docker-compose. Is there somewhere safer to put them?

Thanks for any help or guidance!

(post re-created to change the title to a question, so it doesn’t look like a how-to-do-this post.)