Comment on Secrets Management
slazer2au@lemmy.world 3 days ago
I have seen people use Ansible Vault to encrypt the .env file and use an ansible playbook to only decrypt the file when the playbook is running.
Comment on Secrets Management
slazer2au@lemmy.world 3 days ago
I have seen people use Ansible Vault to encrypt the .env file and use an ansible playbook to only decrypt the file when the playbook is running.
irmadlad@lemmy.world 3 days ago
Ansible is one of those ‘on the list’ things to check out. It seems to have a broad range of applications.
med@sh.itjust.works 3 days ago
Sounds like you have reason to bump it up the list now - two birds with one stone.
I need to do this too. I know I have stuff deployed that has plaintext secrets in .env or even the compose. I’ll never get time to audit everything. So the more I make the baseline deployment safe, the better.