I get the point, but don’t forget those “secrets” are SHA256 hashes. Not really reversible.
Comment on 🛡️ uSentry - Identity & Access Management
Vendetta9076@sh.itjust.works 1 day ago
I feel like committing secrets to a config file instead of .env is a terrible idea. Thats being said this is really useful I’m sure.
TCB13@lemmy.world 1 day ago
Vendetta9076@sh.itjust.works 1 day ago
The issue isn’t that. The issue is its a config folder and a lot of people back their configs up to things like github.
TCB13@lemmy.world 1 day ago
You can backup the entire file then. I get your point, but it also seems like you’re referring to some container-based approach where you would place this inside a container and then mount the config file to some path. While some people might like that approach, that kind of goes against the original idea here, I didn’t want to run yet another instance of nginx for auth, nor another php-fpm - the ideia was simply to use this on a low power device , no containers, no overhead of duplicate webservers and PHP, just a single nginx running a couple of apps on the same php-fpm alongside this.
Vendetta9076@sh.itjust.works 22 hours ago
I think youre misunderstanding my point but thats okay. Its not for me but as a thing itself its really impressive and you should be proud to have written it. I’m sure others will find great use in it :)
Xanza@lemm.ee 1 day ago
The entire point of
.envfiles are to separate secrets from code. Its specifically the usage for which they were created.Vendetta9076@sh.itjust.works 1 day ago
Yes?
Are we misunderstanding each other?
Xanza@lemm.ee 1 day ago
We are. I read
I feel like committing secrets to a config file instead of .env is a terrible idea.asI feel like committing secrets to a .env is a terrible idea..Muh bad.
Vendetta9076@sh.itjust.works 22 hours ago
All good brother :)