How to protect the password inside redis.conf

Question

1. Should I upload redis.conf to source control platform, like github?
2. If yes, how could I protect the setting of requirepass 1234? Does .conf supports variable substitution? So I could add 1234 into .env.

P.S. I am hosting it with docker-compose:

  redis:
    image: redis/redis-stack:latest
    container_name: redis
    restart: always
    volumes:
      - ./conf/redis.conf:/usr/local/etc/redis/redis.conf
    ports:
      - "6379:6379"
    command:
      - redis-stack-server 
      - /usr/local/etc/redis/redis.conf