Like the title says, does anyone know how to give systemd services a secret?
For example: postgresql.bu
``` variant: fcos version: 1.4.0 storage: directories: - path: /opt/services/postgres/data overwrite: true mode: 0755 systemd: units: - name: postgres.service enabled: true contents: | [Unit] Description=The PostgreSQL object-relational database system Wants=network-online.target After=network-online.target
[Service] Type=notify NotifyAccess=all Restart=on-failure RestartSec=60 ExecStartPre=-/bin/podman kill postgres ExecStartPre=-/bin/podman rm postgres ExecStartPre=/bin/podman pull docker.io/library/postgres:15 ExecStart=/bin/podman run --name postgres \ --volume /opt/services/postgres/data:/var/lib/postgresql/data:z \ --env POSTGRES_USER=admin \ --env POSTGRES_PASSWORD=admin \ --env POSTGRES_DB=admin \ --replace --sdnotify=conmon \ --publish 0.0.0.0:5432:5432/tcp \ --restart=unless-stopped \ --log-level info \ docker.io/library/postgres:15
[Install] WantedBy=multi-user.target
```
If that is my SystemD unit file, can I replace:
env POSTGRES_PASSWORD=admin with a value that is discovered at runtime?
I know this is an older post but I'll comment anyway.
I haven't been getting any errors, but sometimes when I browse, I'd be scrolling through the comments of a post, and suddenly the post would change.
I didn't dig into it much, but if it starts happening more often, I'll record my network traffic (for the browser) and attach the .har file.
Technically correct, much like you can't do anything about what your neighbour does in their own home.
However, what sh.itjust.works and lemmy.ml can do is block 'bad server' communication.
They can also enforce rules on their own 'home' as it were.