Tools
Environment Variables and Secrets in Docker Compose
Docker Compose gives you three ways to pass configuration into a container: the environment key, the env_file attribute and the .env file for interpolation. For sensitive data, do not use environment variables; Docker Compose secrets are mounted as read-only files under /run/secrets/, away from logs and the process environment.