Suggest this be shown first, before user deploys and finds this too late

[huornlmj]

https://github.com/greenbone/docs/blob/ba8fcefd522becb69cc853f274372860f09d736b/src/22.4/container/admin-user.md?plain=1#L1

End users should know this up front before following all the instructions to the end only to find the deployment is using a hard coded weak and known password, and not having the ability to change it in the now deployed instance and having to destroy and rebuild with the admin user instructions.

[y0urself]

As you follow the instruction, the mentioned paragraph gives you the information on how you change the default password into another own password that is totally save in your opinion. As you first need to setup and run the compose setup in order to be able to change the default password, the placement of the paragraph seems perfectly fine for me. With more advanced knowledge one can also pass proper arguments to the starting script in https://github.com/greenbone/gvmd/blob/main/.docker/start-gvmd.sh#L19.

Where is mentioned, that you need to destroy and rebuild the instance?

[huornlmj]

Thanks - actually this was only an issue until you adopted my loopback suggestion. It ceased to be such an issue when listening on 127.0.0.1.