This isn’t really surprising and isn’t actually a real security issue with Docker itself or any of the popular public images. Docker Hub is a public registry so people inexperienced with Docker accidentally include secrets in their images and upload it to Docker Hub, this is actually pretty well known and the Docker docs specifically warn people about this.
As far as I know there aren’t any tools to do that, Lemmy doesn’t automatically fetch older / deleted posts from federated communities like that, the reason is the way that federation works. When a user subscribes to a community on another server, that server will then start notifying their server when there’s new posts, comments, etc to fetch, but Lemmy doesn’t fetch older content, so only new stuff from that community will show up. I believe it’s possible to fetch old posts and comments using the search function though, you can read a bit more about it here: Lemmy docs
My instance is just me rn but I’m federating with about 500 communities, including all of the most active ones and Lemmy is running really well. My system is only using about 10% cpu and about a 1gb of ram, I’m just using a Hetzner arm vps with 4 vcpus and 8 gb of ram. Even a single small server should be able to handle a lot of users imo.
The most popular images on Docker Hub are official / library images, they are curated and monitored by Docker for best practices and security vulnerabilities. I’m not saying that means you should trust them completely, it’s always best practice to read the source of an image before you use it.