Skip to content

Instantly share code, notes, and snippets.

@chris-cadev

chris-cadev/README.md

Forked from deviantony/README.md
Last active March 16, 2022 01:26
Show Gist options
  • Save chris-cadev/65f7a3fabf0c1cdb82cc23b3b558624d to your computer and use it in GitHub Desktop.
Save chris-cadev/65f7a3fabf0c1cdb82cc23b3b558624d to your computer and use it in GitHub Desktop.
Download ZIP
Portainer admin password in a docker-compose environment
Raw
README.md

Portainer compose deployment with admin password preset

This file aims to explain how to deploy Portainer inside a compose file with the admin password already set.

Generate the admin password

For this example, we'll use the password superpassword.

Use the following command to generate a hash for the password:

docker run --rm httpd:2.4-alpine htpasswd -nbB admin 'superpassword' | cut -d ":" -f 2 | sed 's/\$/$$/g'

The output of that command is the hashed password, it should be something similar to $2y$05$w5wsvlEDXxPjh2GGfkoe9.At0zj8r7DeafAkXXeubs0JnmxLjyw/a.

Define the password in the compose file

If you try to use the hashed password in this form directly in your Compose file, the following error will be raised:

ERROR: Invalid interpolation format for "command" option in service "portainer": "--admin-password '$2y$05$ZBq/6oanDzs3iwkhQCxF2uKoJsGXA0SI4jdu1PkFrnsKfpCH5Ae4G'"

You need to escape each $ character inside the hashed password with another $:

$$2y$$05$$ZBq/6oanDzs3iwkhQCxF2uKoJsGXA0SI4jdu1PkFrnsKfpCH5Ae4G

Example of valid Compose file:

version: '2'

services:
  portainer:
    image: portainer/portainer:latest
    ports:
      - "9000:9000"
    command: --admin-password '$$2y$$05$$ZBq/6oanDzs3iwkhQCxF2uKoJsGXA0SI4jdu1PkFrnsKfpCH5Ae4G'
    networks:
      - local
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer-data:/data

networks:
  local:
    driver: bridge

volumes:
  portainer-data:

Output of docker-compose up:

docker-compose up                                                                                           !10023
Creating network "porcomp_local" with driver "bridge"
Creating volume "porcomp_portainer-data" with default driver
Creating porcomp_portainer_1 ... 
Creating porcomp_portainer_1 ... done
Attaching to porcomp_portainer_1
portainer_1  | 2018/03/08 01:18:37 Creating admin user with password hash $2y$05$ZBq/6oanDzs3iwkhQCxF2uKoJsGXA0SI4jdu1PkFrnsKfpCH5Ae4G
portainer_1  | 2018/03/08 01:18:37 Starting Portainer 1.16.3 on :9000

Now you can login to the Portainer instance using the credentials admin / superpassword.

Raw
Reset password.md

Reset password of portainer

  1. Create a template.docker-compose.yml file
version: '3.3'
services:
  portainer-ce:
    command: --admin-password '<password>'
    env_file: .env
    image: "portainer/portainer-ce:2.9.3"
    ports:
      - "9091:9000"
    restart: always
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "portainer_data:/data"
volumes:
  portainer_data:

as context this is the real

  1. Write the next script
#!/bin/bash
password="${1:-"admin"}"
encrypted_password=$(docker run --rm httpd:2.4-alpine htpasswd -nbB admin $password | cut -d ":" -f 2 | sed 's/\$/$$/g')

cat template.docker-compose.yml | sed -e "s/<password>/$encrypted_password/ig" > docker-compose.yml

docker-compose -p services down
docker volume rm services_portainer_data
docker-compose -p services up -d
  1. Execute it Warning this process will get rid of the volume named portainer_data
chmod u+x reset_password.sh
./reset_password.sh
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment