Setting path to .env in home folder instead of with compose - "No such file"

I have a Docker stack running Transmission (through Dockge), which I want to password protect. I know how to pass the Environment variables to the stack using the compose.yaml file, but this leaves the passwords in plain text in a spot where anyone can see them if they have access to the file.

I looked into .env files, and I was able to set up an .env file with the variables I want, and it works if the file is in the same folder as the compose file. However, I’d like to move the .env file to a more secure location, where the local config files for Transmission are, so that everything for this stack is in one place and I can easily recreate / restore it from backup if needed, instead of chasing down files in multiple locations.

I’ve set up a “test” user & stack to figure this out and debug before I set this up in a more stable environment. (This is on TrueNAS 20.10.1, Electric Eel, for the record.)

The path to the (preferred) location for the .env file is:

/mnt/data/home/test/Apps/transmission/transmission.env

When I try to launch the stack, I get the following message:

Failed to load /mnt/data/home/test/Apps/transmission/transmission.env: open /mnt/data/home/test/Apps/transmission/transmission.env: no such file or directory

The directory with the .env file in it also contains the config files for Transmission itself, and the stack and app run if I don’t reference the .env file (or reference it in another location), so I know the directory is accessible by Docker.

I changed the owner on the file in the home folder to root:root to match the one in the Stacks folder, but the error is persisting. I did verify the owner, group, and permissions are identical.

What could I be missing, that it can’t find the .env file in my test home directory, even though it can find the other config files for Transmission?

Compose file for reference:

services:
  transmission:
    image: lscr.io/linuxserver/transmission:latest
    container_name: transmission-test
    env_file:
      - transmission.env
      # - /mnt/data/home/test/Apps/transmission/transmission.env
    environment:
      - PUID=568
      - PGID=568
      - TZ=America/New_York
    volumes:
      - /mnt/data/home/test/Apps/transmission:/config
      - /mnt/data/home/test/Torrents:/downloads
      - /mnt/data/home/test/Torrents/watch:/watch
    ports:
      - 30097:9091
      - 51414:51413
      - 51414:51413/udp
    restart: unless-stopped
networks: {}

As soon as I posted this, I figured it out.

Dockge is the issue. If I run the YAML file from the TrueNAS interface instead of Dockge, it works fine.

User 568 is not going to be able to access the file unless it has at least execute (x) permissions on the directories leading up to it.

Putting a file like this in a home directory is not ideal for that reason.
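
The reply's point about execute (x) on every directory leading to the file, as an added example that is not part of the original thread: it builds a constructed copy of the thread's path layout in a temp directory and reports the first component that the mode bits deny to UID/GID 568. `first_blocker`, `demo` and the temp layout are hypothetical names, and the check assumes classic owner/group/other mode bits only (no ACLs).

```python
import os
import tempfile

def _allowed(st, uid, gids, want):
    # Classic owner/group/other mode bits only. Assumption: no POSIX/NFSv4
    # ACLs and no root override, both of which can change the real outcome.
    if st.st_uid == uid:
        shift = 6
    elif st.st_gid in gids:
        shift = 3
    else:
        shift = 0
    return (st.st_mode >> shift) & want == want

def first_blocker(path, uid, gids, start=os.sep):
    """Return (path, reason) for the first component that stops uid, else None."""
    # Directories from `start` down to the file's parent need x; the file needs r.
    start, path = os.path.abspath(start), os.path.abspath(path)
    current = start
    dirs = [current]
    for name in os.path.relpath(os.path.dirname(path), start).split(os.sep):
        if name != os.curdir:
            current = os.path.join(current, name)
            dirs.append(current)
    for d in dirs:
        if not _allowed(os.stat(d), uid, gids, 0o1):
            return d, "no execute (x) on directory"
    if not _allowed(os.stat(path), uid, gids, 0o4):
        return path, "no read (r) on file"
    return None

def demo(home_mode):
    """Constructed layout: <tmp>/home/test/Apps/transmission/transmission.env"""
    base = tempfile.mkdtemp()
    os.chmod(base, 0o755)
    home = os.path.join(base, "home", "test")
    app = os.path.join(home, "Apps", "transmission")
    os.makedirs(app)
    env = os.path.join(app, "transmission.env")
    with open(env, "w") as f:
        f.write("USER=example\nPASS=example\n")  # constructed placeholder values
    for d in (os.path.join(base, "home"), os.path.join(home, "Apps"), app):
        os.chmod(d, 0o755)
    os.chmod(env, 0o644)
    os.chmod(home, home_mode)  # the home directory is the component under test
    uid = gid = 568  # PUID/PGID from the compose file in the thread
    hit = first_blocker(env, uid, {gid}, start=base)
    return None if hit is None else (os.path.relpath(hit[0], base), hit[1])
```

With the home directory at mode 0700 the walk stops at `home/test`, even though the file itself is world-readable. On a live system, `namei -l` on the full path lists the same per-component owners and modes.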