I have setup a docker-based development environment having the following images as you can see in docker-compose.yml:
version: '2'
services:
phpBB_dev:
build:
context: .
dockerfile: Dockerfile
args:
XDEBUG_HOST: 172.17.0.1
XDEBUG_PORT: 9021
UID: 1000
GID: 1000
image: 'pcmagas/phpbb_dev'
links:
- mariadb
- postgresql
volumes:
- "$SRC_PATH:/var/www/html:Z"
- "$SRC_PATH_3_1_10:/var/www/phpBB_3_1_10:Z"
- "$SRC_PATH_3_0_14:/var/www/phpBB_3_0_14:Z"
nginx:
image: nginx
ports:
- "5092:5092"
- "5093:5093"
- "5094:5094"
links:
- "phpBB_dev"
volumes:
- './nginx.conf:/etc/nginx/nginx.conf:ro'
- './logs/dev/nginx:/var/logs'
volumes_from:
- 'phpBB_dev'
mariadb:
image: mariadb
volumes:
- './db/maria:/var/lib/mysql'
ports:
- '5434:5432'
environment:
MYSQL_ROOT_PASSWORD: 'phpp_unsafe_passwd'
postgresql:
image: postgres
volumes:
- './db/postgresql:/var/lib/postgresql/data'
ports:
- '3306:3306'
environment:
POSTGRES_PASSWORD: 'phpp_unsafe_passwd'
adminer:
image: adminer
links:
- 'mariadb'
- 'postgresql'
ports:
- '8080:8080'
I use the tool adminer in order to setup tables etc etc for my databases. And I have this question:
Is it good idea to use the root user as the one that the applications (guess ;) ) I currently develop to use it in order to connect into the database or is recommended to create a user for a specific application instance?
1 Answer 1
It's a question of taste somehow but in general the autorisation mechanisms are there to use them.
Meaning: If at all possible use granularity and create distinct users with minimum permissions for each task.
If anything goes wrong you can revoke permissions for one task without disturbing the others and an account with minimal permissions is minimal dangerous.
The root credentials should not be spread all around.