Add `secret_file` option to read secret from a file

[schildbach]

It would be similar to the current secret option, just that it reads it from a file, truncating whitespace.

That would make it possible to use Docker secrets, which can be passed into a container only as a file.

[BVollmerhaus]

This should already be possible by setting an ETURNAL_SECRET__FILE env variable. For instance, with Compose:

services:
  eturnal:
    image: 'ghcr.io/processone/eturnal'
    environment:
      ETURNAL_SECRET__FILE: '/run/secrets/turn_secret'
    secrets:
      - turn_secret

secrets:
  turn_secret:
    file: './secrets/turn_secret'

All environment variables can be populated like this by defining one with the same name suffixed with __FILE.

Note that with the way this is implemented (by generating a file with all variables and subsequently sourcing it):

eturnal/overlay/container/standalone/usr/local/bin/run.sh

Lines 25 to 35 in 9ff82ed

	for i in $(env | grep '__FILE')
	do
	var_name="$(echo "$i" | sed -e 's|__FILE=| |' | awk '{print $1}')"
	var_file="$(echo "$i" | sed -e 's|__FILE=| |' | awk '{print $2}')"
	echo "$var_name=$(cat $var_file)" >> "$docker_secrets"
	done
	if [ -f "$docker_secrets" ]
	then
	set -a
	source "$docker_secrets"

some characters ($ and &) cannot be used in the values/secrets defined this way.

The documentation for this is a little hidden and can be found at the bottom of this section.

[schildbach]

Yes, but the corresponding option for configuration via config file is missing.