Michael Mayer

> > For users that cannot or don't want to use environment variables, we have recently added these docs which hopefully are enough to get started? Is there anything missing?...

It's true that the config values are stored (cached) in memory even when you read them from a file. Then again, you can encrypt it and you should change it...

On a last note, TLS certs and keys can also be provided as files. So I also don't see the need to implement yet another mechanism for that.

This has absolutely nothing to do with Docker. More like you can't work with our YAML config files and want us to support yet another format that is compatible with...

Also, why must private app config files be WORLD READABLE with NixOS? This doesn't make any sense to me and should not be implemented that way.

You could, by the way, also run the passwd command to set the password. So there is a absolutely no requirement to use environment variables.

Providing too many ways to do the same thing can be counter productive for security and confuses users on top of it. So I must make sure you have read...

If you read our complete docs, you will find that there is a defaults.yml in addition to the options.yml. This is so you can separate both, for example for security...

These changes enforce the (previously implicit) 72-character length limit for bcrypt and allow you to use a valid 60-character bcrypt hash with a minimum difficulty of 4 when setting the...

Help with testing is much appreciated so we can make sure this works for everyone!