For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?

Also do the passwords have to be strong if the db is only available to the service through the docker network?

  • towerful@beehaw.org
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    For passwords in software chains, I always think of them as API keys. So, making them 32 or 64 character random strings doesn’t seem ridiculous.