sec: db password management

compose.yaml

@@ -17,7 +17,8 @@ services:
       #- MYSQL_DATABASE=gitea
       #- MYSQL_USER=gitea
       #- MYSQL_PASSWORD=gitea
-      - MYSQL_ROOT_PASSWORD=rootpass
+      #- MYSQL_ROOT_PASSWORD=rootpass
+      - MYSQL_ROOT_PASSWORD=${DOTENV_MYSQL_ROOT_PASSWORD}
     expose:
       - 3306
       - 33060
@@ -29,7 +30,8 @@ services:
     restart: always
     environment:
       - MYSQL_USER=flasku
-      - MYSQL_PASSWORD=flaskp
+      #- MYSQL_PASSWORD=flaskp
+      - MYSQL_PASSWORD=${DOTENV_MYSQL_FLASK_PASSWORD}
     #ports:
     #  - 8000:8000
     expose:
@@ -53,9 +55,8 @@ services:
       - GITEA__database__HOST=db:3306
       - GITEA__database__NAME=gitea
       - GITEA__database__USER=gitea
-      - GITEA__database__PASSWD=giteap
+      - GITEA__database__PASSWD=${DOTENV_MYSQL_GITEA_PASSWORD}
       - GITEA__repository__DEFAULT_BRANCH=master
-      #- GITEA__service__ENABLE_REVERSE_PROXY_AUTHENTICATION_API=true
       # To disable new users after setup:
       #- GITEA__service__DISABLE_REGISTRATION=false
     networks: