Hi all,
I have a proof of concept on how to make Node-RED deployments with Docker and Docker Compose more secure thanks to the new updated Docker Compose v2 specifications.
Here is the repository that will help the community use a better strategy with Docker Secrets for Standalone Node-RED containers. This method removes the possible of obtaining the passwords (albeit hashed ones) from the environment variables upon performing docker inspect
which is quite common way to abstract environment variables from running containers.