Using a Secure Deployment Strategy with Docker Secrets and Environment Variables for Node-RED

Hi all,

I have a proof of concept on how to make Node-RED deployments with Docker and Docker Compose more secure thanks to the new updated Docker Compose v2 specifications.

Here is the repository that will help the community use a better strategy with Docker Secrets for Standalone Node-RED containers. This method removes the possible of obtaining the passwords (albeit hashed ones) from the environment variables upon performing docker inspect which is quite common way to abstract environment variables from running containers.

2 Likes