Passphrase resolution for server secrets
Finds the operator’s passphrase (used to decrypt the persisted
[hashiverse_lib::tools::server_id::ServerId]) in a platform-agnostic way, looking
in this order:
- an explicit file path supplied on the command line,
- standard container-secret mounts (/run/secrets/, /mnt/secrets/, /etc/secrets/) — Kubernetes, Docker Swarm and Podman all land here,
- an environment variable — still supported for legacy non-container deployments.
The resolved passphrase is wrapped in secrecy::SecretString so it is zeroised on
drop and never accidentally logged.
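
The lookup order described above, sketched as an added example (not the crate's own code). It uses only the standard library, so it returns a plain `String` where the module wraps the value in secrecy::SecretString. The secret file name, the environment variable name, and the rule that an unreadable explicit path is an error are assumptions.

```rust
use std::{fs, io, path::{Path, PathBuf}};

/// Where the value came from; safe to log, unlike the passphrase itself.
#[derive(Debug, PartialEq)]
pub enum Source { ExplicitFile(PathBuf), SecretMount(PathBuf), Environment }
/// Mount directories listed in the module docs.
pub static SECRET_DIRS: [&str; 3] = ["/run/secrets", "/mnt/secrets", "/etc/secrets"];

/// Secret files usually end in a newline: strip it, and refuse an empty result.
fn clean(raw: String) -> io::Result<String> {
    let s = raw.trim_end_matches(|c: char| c == '\n' || c == '\r');
    if s.is_empty() {
        return Err(io::Error::new(io::ErrorKind::InvalidData, "empty passphrase"));
    }
    Ok(s.to_owned())
}

/// `file_name` and `env_value` are assumptions: the docs name neither the secret
/// file nor the environment variable, so the caller supplies both.
pub fn resolve(explicit: Option<&Path>, dirs: &[&Path], file_name: &str,
               env_value: Option<String>) -> io::Result<(Source, String)> {
    // 1. Explicit path wins; assumed policy: unreadable path is an error, no fall-through.
    if let Some(p) = explicit {
        let value = clean(fs::read_to_string(p)?)?;
        return Ok((Source::ExplicitFile(p.to_path_buf()), value));
    }
    // 2. First container-secret mount that holds the file.
    for dir in dirs {
        let candidate = dir.join(file_name);
        if candidate.is_file() {
            let value = clean(fs::read_to_string(&candidate)?)?;
            return Ok((Source::SecretMount(candidate), value));
        }
    }
    // 3. Legacy environment variable.
    match env_value {
        Some(v) => Ok((Source::Environment, clean(v)?)),
        None => Err(io::Error::new(io::ErrorKind::NotFound, "no passphrase source")),
    }
}

fn main() {
    let dirs: Vec<&Path> = SECRET_DIRS.iter().map(|d| Path::new(*d)).collect();
    // "server_passphrase" and SERVER_PASSPHRASE are hypothetical names.
    match resolve(None, &dirs, "server_passphrase", std::env::var("SERVER_PASSPHRASE").ok()) {
        Ok((source, _)) => println!("passphrase resolved from {:?}", source),
        Err(e) => eprintln!("passphrase resolution failed: {}", e),
    }
}
```

Only the `Source` is printed, so startup logs show which mechanism supplied the passphrase without exposing its value.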