Currently, env file is added raw to the archive, if the archive somehow leaks this can be a security issue. A potential issue here is a which point we unencryption happens. The code to do that can't just live in the installer....or maybe it can, but it will need a key on the server to do the job. systemd-creds could be useful here.
Currently, env file is added raw to the archive, if the archive somehow leaks this can be a security issue. A potential issue here is a which point we unencryption happens. The code to do that can't just live in the installer....or maybe it can, but it will need a key on the server to do the job. systemd-creds could be useful here.