For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?

Also do the passwords have to be strong if the db is only available to the service through the docker network?

  • ses hat
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Well my concern is not at home, my problem is with vps, pwd for database,api keys… I have no idea how to approach this problem. I know that a good sysadmin can get everyting but at least i want to be more safe against average admins. For me the “trust” it is something over rated.