A YAML file containing secrets such as database or user passwords. Some variables that can be considered secrets are:
db.conn.kwargs.password: Password used to authenticate to the database.
session.encrypt_key: Key for encrypting/signing session cookies. Change to random long values in production.
session.sign_key: Key for encrypting/signing session cookies. Change to random long values in production.
Declarations
Type
absolute path not in the Nix storeExample
"/run/keys/oncall-dbpassword"