A question about passing the encryption key to the application in production #1
Description
Thanks for sharing the code. My question is about the 01_cloak_ecto project. I see that you have hard-coded the encryption key inside config.exs. What would be a better way to do it in production in Linux? I want to pass it in the most secure manner. I don't mind providing it to the application on each server restart and start the application manually. Would making it available via an environment variable at runtime be sufficient (history disabled for that line)? If so, how to make config.exs read that environmental variable?