
`$` in generated `PASSWORD_SECRET` can cause issues when parsed by Docker

Open paulrobertlloyd opened this issue 11 months ago • 4 comments

Is your feature request related to a problem?

When setting up a Dockerfile, providing a generated PASSWORD_SECRET that contains a $ symbol, it gets parsed as a separate variable. So, if for example the generated secret is:

$1a$10$ABC123

Docker compose would provide the following warning:

WARN[0000] The "ABC123" variable is not set. Defaulting to a blank string.

Describe the solution you’d like

When providing a value for PASSWORD_SECRET, escape the $ symbol.

So instead of providing:

$1a$10$ABC123

instead provide the following:

\$1a\$10\$ABC123

paulrobertlloyd avatar Jul 17 '23 22:07 paulrobertlloyd

Actually, using an escaped $ will mean an environment variable will not be parsed correctly in other environments. The above is purely a symptom of docker compose (see Variable substitution).

Rather than the suggestion above, instead mention needing to escape the dollar symbol in any documentation about saving the PASSWORD_SECRET variable when using Docker compose. Note also that the $ symbol can be escaped either as \$ or $$.

paulrobertlloyd avatar Jul 25 '23 17:07 paulrobertlloyd
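
The behaviour discussed above, as an added example that is not part of the thread or of indiekit's code: a simplified JavaScript model of Compose variable substitution that reports which names an unescaped secret would reference and checks that the `$$`-escaped form survives unchanged. The name pattern, the function names and the sample env lines are assumptions made for illustration, not Docker Compose's real parser.

```javascript
// Added example: a simplified model, NOT Docker Compose's actual parser.
// Assumption: "$NAME" or "${NAME}" (NAME = [A-Za-z_][A-Za-z0-9_]*) is a
// variable reference, and "$$" stands for one literal "$".
const REF = /\$(\$|\{([A-Za-z_][A-Za-z0-9_]*)\}|([A-Za-z_][A-Za-z0-9_]*))/g;

// Names that would be looked up as variables if `value` were used unescaped.
function findReferences(value) {
  const names = [];
  for (const m of value.matchAll(REF)) {
    if (m[1] !== "$") names.push(m[2] || m[3]);
  }
  return names;
}

// Model of substitution: an unset variable becomes a blank string,
// as in the warning quoted in the issue.
function interpolate(value, env = {}) {
  return value.replace(REF, (_match, all, braced, bare) =>
    all === "$" ? "$" : (env[braced || bare] ?? ""));
}

// Escape every "$" as "$$". A replacer function is used because "$$" in a
// replacement *string* would itself be read as a single "$".
function escapeForCompose(value) {
  return value.replace(/\$/g, () => "$$");
}

// Constructed sample of env-file lines (not from a real deployment).
const SAMPLE = "NODE_ENV=production\nPASSWORD_SECRET=$1a$10$ABC123\n";

// Report each KEY=value line whose value would be altered by substitution.
function lintEnv(text) {
  return text
    .split("\n")
    .filter((line) => line.includes("="))
    .map((line) => {
      const i = line.indexOf("=");
      const value = line.slice(i + 1);
      return {
        key: line.slice(0, i),
        references: findReferences(value),
        escaped: escapeForCompose(value),
      };
    })
    .filter((finding) => finding.references.length > 0);
}

console.log(lintEnv(SAMPLE));
```

Running `lintEnv` over a project's env file before deployment flags a secret that would silently lose part of its value, which otherwise only shows up as a Compose warning.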

Same thing for .envrc files. Each $ in PASSWORD_SECRET (or any other environment variable) must be escaped.

jackdbd avatar Feb 19 '24 21:02 jackdbd

Good to know. Is .envrc the same as .env?

paulrobertlloyd avatar Feb 19 '24 21:02 paulrobertlloyd

Hey sorry, I missed the notification.

.envrc files are used by direnv.

direnv automatically loads the environment variables defined in an .envrc file when you enter a directory containing that file. And automatically unloads them when you exit that directory.

So basically .env and .envrc have the same purpose, but only with the combination of .envrc + direnv you gain this "automatic switching" of environments, which is super convenient when you are working on different projects.

jackdbd avatar Mar 04 '24 10:03 jackdbd