forgejo-lila/lila
1
0
Fork 0
Code Issues 50 Pull requests Projects 1 Releases Packages Wiki Activity Actions

Modern env management approach #21

New issue
Open
opened 2026-04-19 07:23:32 +00:00 by forgejo-lila · 0 comments
forgejo-lila commented 2026-04-19 07:23:32 +00:00
Owner
Copy link

Context

Environment configuration uses .env files. These work but have downsides: easy to misconfigure, not versioned, easy to accidentally commit secrets, no type checking.

What to do

Evaluate and adopt a more robust env management approach.

Options to evaluate

  • dotenvx — encrypted .env files that can be committed safely
  • infisical — self-hosted secrets manager
  • @t3-oss/env-core — Zod-validated env schemas (type-safe, catches missing vars at startup)
  • Docker secrets — built into Docker Compose

Acceptance criteria

  • A clear decision is documented in documentation/decisions.md
  • Missing or invalid env vars are caught at startup with clear error messages
  • Secrets are not stored in plain text in the repo

Notes

Current env vars are documented in documentation/deployment.md under 'Environment Variables'. Both the API and Docker Compose stack read from .env files. VITE_API_URL is a build-time var (Docker build arg), not runtime.

## Context Environment configuration uses .env files. These work but have downsides: easy to misconfigure, not versioned, easy to accidentally commit secrets, no type checking. ## What to do Evaluate and adopt a more robust env management approach. ## Options to evaluate - `dotenvx` — encrypted .env files that can be committed safely - `infisical` — self-hosted secrets manager - `@t3-oss/env-core` — Zod-validated env schemas (type-safe, catches missing vars at startup) - Docker secrets — built into Docker Compose ## Acceptance criteria - A clear decision is documented in `documentation/decisions.md` - Missing or invalid env vars are caught at startup with clear error messages - Secrets are not stored in plain text in the repo ## Notes Current env vars are documented in `documentation/deployment.md` under 'Environment Variables'. Both the API and Docker Compose stack read from .env files. `VITE_API_URL` is a build-time var (Docker build arg), not runtime.
forgejo-lila added the
infra
 label 2026-04-19 07:23:32 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
feat/adding-spanish
feat/data-feeding
feat/landing-page
feat/navbar
dev
feat/multiplayer-mode
No results found.
Labels
Clear labels   
debt

Technical cleanup, refactoring

  
feature

   
feature

New user-facing functionality

  
infra

Infrastructure, deployment, DevOps

  
multiplayer

   
multiplayer

Multiplayer lobby and game features

  
security

Security improvements

  
ux

User experience, accessibility, polish

No labels
debt
feature
feature
infra
multiplayer
multiplayer
security
ux
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: forgejo-lila/lila#21
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?