Closed Kylematt1992 closed 3 years ago
If this should start automatically after a reboot, then I like using config files and adding the keys to it with chmod 400. If you want max security you should use an own user for your script/programm/bot and make this user owns the config file.
If you are fine with manually starting the bot after a reboot, then you can provide the api keys via command line parameters. In this case take care not saving the bash history.
If you have a lot of keys you can create a LUKS container storing the secrets in it. After a reboot, decrypt the container, mount it and use the keys.
Hello, First of all a very loud shout out to the maker of this program and all those who contributed it. Thank you. Could you please provide guidance on how to run bot on server 24/7 safely with our api secrets and our strategies (although mine is simple rsi, but I am sure there are many who have great strategies) if possible? I came across that api keys and secret should not be stored on environment variables. Please guide on that too. Also, should we host our bot as app in containerised docker or should select proper complete full instance? Thank you...