Many deployment environments offer the ability to provide secrets via files (e.g. Docker and Kubernetes Secrets, systemd Credentials). Nitro should be able to pick these up and read their contents automatically.
The location where these files are placed is not fully standardized. Docker places them under `/run/secrets`, systemd under `$CREDENTIALS_DIRECTORY` (which is `/run/credentials` for system units), and Kubernetes allows mounting them at arbitrary places. The best way to support all these (and more) is likely to use special environment variables which contain the paths to the secrets files. E.g. `NUXT_API_SECRET_FILE=/run/secrets/apikey` would automatically be detected as an env var for a secrets file due to the `_FILE` suffix. Another approach is to use a value prefix like `NUXT_API_SECRET=file:/run/secrets/apikey` where the `file:` prefix of the value would indicate that it is a path to a secrets file.
Motivation:
Passing secrets/credentials as files is preferred over environment variables as they offer better access control and are less likely to leak (printed in logs, inherited by child processes, included in core dumps, etc.).
Additional information
Would you be willing to help implement this feature?
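A sketch of the two conventions proposed in the issue (the `_FILE` suffix and the `file:` value prefix), added here as an example; it is not Nitro's or Nuxt's code. The helper names, the 64 KiB size cap, and the restriction to names under the `NUXT_` prefix are assumptions of this example.

```javascript
// Added example: hypothetical helper, not Nitro's or Nuxt's API.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');
const SUFFIX = '_FILE';
const MAX_SECRET_BYTES = 64 * 1024; // assumed cap for this example

function readSecretFile(varName, filePath) {
  if (!path.isAbsolute(filePath)) {
    throw new Error(`${varName}: secret file path must be absolute`);
  }
  // statSync follows symlinks, which Kubernetes uses for mounted secrets.
  const stat = fs.statSync(filePath);
  if (!stat.isFile() || stat.size > MAX_SECRET_BYTES) {
    throw new Error(`${varName}: not a regular file of at most ${MAX_SECRET_BYTES} bytes`);
  }
  // Strip the single trailing newline that most tooling appends.
  return fs.readFileSync(filePath, 'utf8').replace(/\r?\n$/, '');
}

// Returns a copy of `env` with file references under `prefix` replaced by file contents.
function resolveFileSecrets(env, prefix = 'NUXT_') {
  const out = {};
  for (const [name, value] of Object.entries(env)) {
    const target = name.endsWith(SUFFIX) ? name.slice(0, -SUFFIX.length) : '';
    if (target.startsWith(prefix) && target.length > prefix.length) {
      if (env[target] !== undefined) {
        throw new Error(`${target} and ${name} are both set`);
      }
      out[target] = readSecretFile(name, value); // the *_FILE name itself is dropped
    } else if (name.startsWith(prefix) && String(value).startsWith('file:')) {
      out[name] = readSecretFile(name, String(value).slice('file:'.length));
    } else {
      out[name] = value; // e.g. an unrelated LOG_FILE passes through untouched
    }
  }
  return out;
}

// Constructed sample: a temporary file stands in for /run/secrets/apikey.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'secrets-'));
  const file = path.join(dir, 'apikey');
  fs.writeFileSync(file, 's3cr3t-constructed\n', { mode: 0o400 });
  try {
    return resolveFileSecrets({ NUXT_API_SECRET_FILE: file, NUXT_DB_PASSWORD: `file:${file}`, LOG_FILE: '/var/log/app.log' });
  } finally {
    fs.rmSync(dir, { recursive: true, force: true });
  }
}
```

Error messages name the variable and the path but never the file contents, so a failed lookup does not put the secret in the logs.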