If i declare docker secret on docker compose i'm not able to deploy in prd on remote docker machine secrets withous upload phisically secrets on remote machine. I think is not safe.
So, if i create manually secrets on remote docker machine how i can use by a container deployed by docker compose?
Secrets and other sensitive data can be uploaded via stdin over ssh, avoiding the need to copy the file to the remote server. I provided an example here: https://stackoverflow.com/a/53358618/2605742
This technique can be used to create secrets in swarm mode (even with a single-node swarm), or with docker compose, creating the containers without copying the docker-compose.yml file to the remote system.