Accept DATABASE_URL as secret #890

Open
opened 2026-02-04 21:34:06 +03:00 by OVERLORD · 0 comments
Owner

Originally created by @shimisnow on GitHub (Jan 5, 2026).

Which part of the project does this feature apply to?

Backend

What would you like?

Option to use DATABASE_URL__FILE=/run/secrets/PLANKA_DATABASE_URL

Why is this needed?

In the current setup we can config only DATABASE_URL=postgresql://user:$${DATABASE_PASSWORD}@database.domain:5432/planka?ssl=true. This way user, domain, port and database are visible in plain text.

This is needed so this data is treated with the same security as the password.

Other information

There is no need to process $${DATABASE_PASSWORD} at the DATABASE_URL secret. Once url is a secret, password cannot be a secret.

I am available to make a PR with the code.

Originally created by @shimisnow on GitHub (Jan 5, 2026). ### Which part of the project does this feature apply to? Backend ### What would you like? Option to use `DATABASE_URL__FILE=/run/secrets/PLANKA_DATABASE_URL` ### Why is this needed? In the current setup we can config only `DATABASE_URL=postgresql://user:$${DATABASE_PASSWORD}@database.domain:5432/planka?ssl=true`. This way user, domain, port and database are visible in plain text. This is needed so this data is treated with the same security as the password. ### Other information There is no need to process `$${DATABASE_PASSWORD}` at the `DATABASE_URL` secret. Once url is a secret, password cannot be a secret. I am available to make a PR with the code.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/planka#890