Please support OIDC_CLIENT_SECRET_FILE for file-based secrets in Docker

[livingsilver94]

First Check

• I used the GitHub search to find a similar requests and didn't find it.
• Checked the tasks tagged issues and verified my feature is not covered

Please provide a concise description of the problem that would be addressed by this feature.

OIDC_CLIENT_SECRET is a sensible value passed as an environment variable. In a docker-compose environment, it's not ergonomic to share this value to other containers, and it's easy to accidentally make OIDC_CLIENT_SECRET too visible.

Please provide a concise description of the feature that would resolve your issue.

OIDC_CLIENT_SECRET_FILE would read the OIDC secret from a file. This Docker secret is then easily passed to other containers (e.g. Authelia or Authentik) without accidental leaks. The *_FILE convention is pretty common in Docker images.

Please consider and list out some caveats or tradeoffs made in your design decision

OIDC_CLIENT_SECRET_FILE must be read, it's not directly usable. Not a big deal in Python tho, file.readall() should suffice, along with proper error handling.

Additional Information

• If this is accepted I'm willing to submit a PR to provide this feature
• If this is accepted I'm willing to help maintain this feature
• I'm willing to sponsor/pay a developer to do this work

[cmintey]

Mealie supports docker secrets without a _FILE, see: https://docs.mealie.io/documentation/getting-started/installation/backend-config/#docker-secrets

There's a PR for implementing the FILE based secrets, seems someone just needs to pick it up and get it over the finish line

#3781