The job change is slowing me down, but I do have a docker container for the board now and I'm deciding how best to set the needed environment variables. I'm thinking of checking in a docker compose yml template and then setting the secret values manually and setting the compose yml to be readable only by the buffista user. That does kinda bring up the issue of where to keep these values. People with access to the server can read them, of course, and that requires logging on with certificate authentication. The only other place I know they exist is in my bitwarden vault.
Buffistas Building a Better Board ++
Do you have problems, concerns, or recommendations about the technical side of the Phoenix? Air them here. Compliments also welcome.
None of that means anything at all to me, Gud, but ....yay, like Vortex said!
I'm not sure how I feel about adding considerable additional complexity in order to fix theoretical future problems.
That's a valid point. This is a tiny project, and doing the containerizing and secrets management you do for a larger project could be complex overkill. Also, without a docker repository, deployment isn't push button.