I would like to migrate away from using .env for secrets, and use something hashicorp vault. How would one do this for something like pihole, where there is an env var with the password?

  • folekaule@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    11 days ago

    See if a light weight kubernetes installation is for you. Secrets are first class citizens in k8s. You can maintain secrets in a number of different ways, but they are exposed to containers the same way. They can become files or environment variables, whether you need.

    I recommend looking at k3s to run on your Pi and see if that works for you. You can add vault software on top of that later without changing your containers.