Closed markkovari closed 1 month ago
Vozard
commented
1 month ago @markkovari If I'm not mistaken, it means that we should add the .env file to the .gitignore, and maybe we should add a new .env.sample file without the actual values (just with the names of the environment variables). And then, whoever downloads the code can fill out those values and should delete the .sample part from the end of the file. Am i correct?
markkovari
commented
1 month ago Yes, beside that usually we recommend people to copy the sample, like
cp .env.sample .envand they will not commit the .env file with its secrets.
By the way you can use the .env file with the docker compose too like this: https://docs.docker.com/compose/environment-variables/set-environment-variables/#use-the-env_file-attribute
Vozard
commented
1 month ago And is it worth including this description as well in the README (that they should just copy it with this command and fill it out accordingly or) ?
markkovari
commented
1 month ago Yes, I would definitely do that. You can avoid the whole leaking of secrets with this.
I am in a bit of a confusion where is the
.envfile being used. Although we usually add a sample.env.samplewhich people can copy and fill with their values. This exact path (filename) is usually added to gitignore too.