Secrets management in Docker Compose: .env, SOPS, Bitwarden, and the “good enough” threat model

A pragmatic ladder from “.env and permissions” to SOPS and a vault, plus a threat model that’s realistic for self-hosters

self-hosting

March 04, 2026

14 min read

A pragmatic ladder from “.env and permissions” to SOPS and a vault, plus a threat model that’s realistic for self-hosters..

courses

self-hosting

Mastodon