Comment

Keeping backup of .env means exposing sensitive creds ?

Sort:hotnew top

grimer@lemmy.world ⁨2⁩ ⁨months⁩ ago
In my particular case I only have a few .env files and they don’t have any credentials in them. This is mostly for the docker-compose files.

source
- shadybraden@programming.dev ⁨2⁩ ⁨months⁩ ago
  You can specify a folder in your files for configs, and a different one for the compose and env:
  
  - config - <container_config> - docker - container - compose.yml
  
  source
MangoPenguin@lemmy.blahaj.zone ⁨2⁩ ⁨months⁩ ago
Backups are encrypted so it shouldn’t be an issue.

source
HelloRoot@lemy.lol ⁨2⁩ ⁨months⁩ ago
what about a local, encrypted backup

source
- PunkRockSportsFan@fanaticus.social ⁨2⁩ ⁨months⁩ ago
  It’s like you have secrets that you pull in to build your .env which should only be used by the stuff that needs it and it’s not shared.
  
  I’m assuming this is a production backup and the idea that someone has a prod .env file gives me the Willies.
  
  Id want to change all the cards.
  
  source