cc: nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6
Since it came up in a thread re: Pleroma security, general reminder to dev friends:
NEVER STORE SECRETS IN ENVIRONMENT VARIABLES.
JUST DON'T DO IT.
seriously. don't.
https://forcesunseen.com/blog/stop-storing-secrets-in-environment-variables
Discussion
The reasons to not use environment variables weren't super compelling. I'm coding ground-up support for envvars in Ditto, because it caused nostr:npub1ycnhgr56efxcpvhu7q0er9gqjqttpwhgqgjfgjaj7gpfea5g6xhq4zgshs a lot of pain trying to deploy Rebased in k8s as-is.