When working with Docker Compose, environment variables are a powerful way to keep your configuration clean, reusable, and secure. They allow you to separate your app settings and secrets from code, making your Docker workflows more flexible and production-ready.
In this post, we’ll explore different ways to use environment variables in docker-compose.yml, and how to manage them effectively.
🔧 Why Use Environment Variables?
- 🔒 Avoid hardcoding secrets
- 🔁 Reuse settings across environments (dev, staging, prod)
- 📦 Parameterize images and services
- 📄 Simplify deployment scripts
✅ Method 1: Define Variables in a .env File
The easiest and most common way is to use a .env file in the same directory as your docker-compose.yml.
Example .env file:
DB_USER=admin
DB_PASSWORD=secret123
PORT=3306
docker-compose.yml:
version: '3.8'
services:
db:
image: mysql:5.7
environment:
MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
MYSQL_USER: ${DB_USER}
ports:
- "${PORT}:3306"
💡 You don’t need to manually import the
.envfile—Docker Compose loads it automatically.
✅ Method 2: Use the environment Section
You can define environment variables directly in the Compose file:
services:
web:
image: node:18
environment:
- NODE_ENV=production
- API_KEY=${MY_API_KEY}
This supports both hardcoded values and references to environment variables on your host machine or .env file.
✅ Method 3: Use env_file to Load Many Variables
If you have many variables, you can use the env_file key to load them from a file:
services:
app:
image: my-app
env_file:
- ./config.env
config.env:
DEBUG=false
JWT_SECRET=abc123
API_URL=https://api.example.com
📝
env_filedoesn’t support variable expansion (e.g., using${VAR1}insideVAR2). Use.envfor that.
✅ Method 4: Pass Environment Variables at Runtime
You can also inject environment variables dynamically using the CLI:
export DB_USER=devuser
export DB_PASSWORD=devpass
docker-compose up
Docker Compose will read these from your shell session.
🔐 Best Practices
| Tip | Description |
|---|---|
✅ Use .env for environment-specific config | |
🔐 Never commit .env files with secrets to version control | |
💡 Use env_file for large sets of variables | |
🚫 Avoid hardcoding sensitive data in docker-compose.yml | |
🔄 Use default values like ${PORT:-3000} for fallbacks |
🛠️ Example with Defaults
environment:
- PORT=${PORT:-8080}
- LOG_LEVEL=${LOG_LEVEL:-info}
This means:
- Use the value from the environment if defined
- Otherwise fallback to the default (
8080,info)
🧪 Debug Tip: Print Environment Variables Inside a Container
To check what variables are available inside a running container:
docker-compose exec web env
📝 Summary
| Task | Method |
|---|---|
| Load variables from a file | .env or env_file |
| Inject variables into services | environment section |
| Set variables at runtime | export VAR=value before docker-compose up |
| Set default values | Use ${VAR:-default} syntax |
✅ Conclusion
Using environment variables in Docker Compose keeps your setup clean, flexible, and secure. Whether you’re deploying to production or testing locally, environment variables help you adapt your configuration without rewriting code.
Master these techniques, and you’ll have a robust and scalable Docker environment for any project.