Comment on Display A ‘Song Of The Day’ In MOTD From Navidrome Playlist

<- View Parent
non_burglar@lemmy.world ⁨2⁩ ⁨weeks⁩ ago

You’re a programmer, what would you recommend?

Hah! By trade, I’m a sysadmin, my daily is security reviews at the planning and governance level.

I spent a good 6 years working in a Dev shop, and I picked up a lot of habits there, learned a ton about rest APIs, etc.

Setting up a vault for secrets (Hashicorp’s vault is a popular one) might be a bit overkill for your needs in a homelab, but it’s a great way to inject some security into python, bash scripts, which I think is useful, because lots of us start with scripting and move from there.

The basic mechanism is you set up the vault, define pools, etc and then use a token request instead of putting the secret in the script itself. There are tons of examples for each language and mode, but i just use a vault command in the script, throw the output in a variable and that’s pretty much it.

Secrets management in Dev and devops work is really interesting, if you ask me. All the way from the IDE to prod, there are many ways to leak passwords, api tokens, paths no one should know, etc.

original
Sort:hotnewtop