Accepted
Most Docker Compose projects expect users to create and maintain .env files manually. This works for single-service setups but falls apart with multiple stacklets sharing config (domain, data dir, timezone) and secrets (generated passwords, API tokens). Manual .env editing leads to drift, copy-paste errors, and secrets checked into version control.
.env files are never edited by hand. They are generated on every stack up from three sources:
stack.tomlfor global config (paths, domain, timezone)stacklet.toml [env.defaults]for templates like{data_dir}/photos/library.stack/secrets.tomlfor auto-generated passwords
The .env file is overwritten on every run. Gitignored. Treated as a build artifact.
- Users edit one file (
stack.toml), not six.envfiles - Secrets are auto-generated and never need to be invented or typed
- Changing the data directory or domain propagates to all stacklets on next
stack up - Anyone who edits
.envdirectly will lose their changes. The CLI warns about this but it still surprises people - Template variables are a closed set. Adding a new one requires a framework change, not just a stacklet change