Core concepts
Secrets
App-scoped secrets injected into services at deploy time.
Nethera secrets belong to an app. The CLI infers the app context from the current directory where supported, or you can pass --app.
bash
$neth secrets set API_KEY$neth secrets list$neth secrets reveal API_KEY$neth secrets delete API_KEYReference secrets from nethera.yml:
nethera.yml
services: web: image: ghcr.io/acme/app:latest nethera: secrets: - API_KEYSecrets listed under nethera.secrets are injected as environment variables at deploy time.
Notes
- updating a secret requires a redeploy before running containers see the new value;
- secret values should not be committed to
nethera.yml; - secret values should not be placed in managed files;
neth secrets revealcan show a stored secret value, so treat terminal output carefully.