Feature Title
Better support for Docker secrets
Is your feature request related to a problem?
Sensitive secrets like the Discord bot token should not be stored within .env files for security reasons. Other users on the same machine can view the environment of other user's processes. This means that if a MA gets access to one of the users on your machine, they can take over your Discord bot.
Feature Description
Allow people to supply the path to the secret. For example TOKEN_PATH, which would have the value of /run/secrets/token. From there, the application can read that file to get the actual secret value. This alternative is more secure since only the authorised user has access to read that file.
Priority Level
Low
Alternatives Considered
No response
Additional Context
For more information, please view Docker's guide on secrets.
Feature Title
Better support for Docker secrets
Is your feature request related to a problem?
Sensitive secrets like the Discord bot token should not be stored within
.envfiles for security reasons. Other users on the same machine can view the environment of other user's processes. This means that if a MA gets access to one of the users on your machine, they can take over your Discord bot.Feature Description
Allow people to supply the path to the secret. For example
TOKEN_PATH, which would have the value of/run/secrets/token. From there, the application can read that file to get the actual secret value. This alternative is more secure since only the authorised user has access to read that file.Priority Level
Low
Alternatives Considered
No response
Additional Context
For more information, please view Docker's guide on secrets.