feat: `config.toml` and secret management

[WieeRd]

Thinking-in-Progress. Everything is subject to change.

What to Include

• Command prefix
• Color palette for embeds
• Initial / extra cogs
• Bot token
• Database login
• API keys

Secret Management Candidates

• Raw value
• Environment variable
• Run command e.g. Bitwarden CLI
• Separate secrets.toml
  • Could use Sops in this case

Schema

prefix = ["%", "ㅅ"]

[palette]
info = 0x0000FF
warn = 0x00FF00
error = 0xFF0000

[token]
env = "BOT_TOKEN"

Tasks

• Choose secret management method
• Design TOML schema
• Implement config.py

[WieeRd]

One way of solving internal bikeshedding is to support all 3 options.

[token]
# only one key can be specified
value = "{TOKEN}"
env = "BOT_TOKEN"
command = ["bw", "get", "notes", "ClockBot"]

I should consider:

• Giving the environment variable a default name BOT_TOKEN
• Removing .envrc from the repository