SECURITY FIXES:
- Remove hardcoded Icecast admin password from codebase
- Implement environment-based configuration system
- Add configuration validation and warnings
NEW FILES:
- config.lisp: Centralized configuration management
- config.template.env: Documented configuration template
- SECURITY-CONFIG-CHANGES.org: Complete change documentation
CHANGES:
- asteroid.asd: Add config.lisp to system
- asteroid.lisp: Replace defparameter with config system
- frontend-partials.lisp: Use config for Icecast credentials
Addresses TODO items:
- Problem 4: Templates no longer advertise default passwords
- Server runtime configuration: All config parameterized
Breaking change: Production deployments MUST set ICECAST_ADMIN_PASSWORD
via environment variable.
Tested on b612.asteroid.radio production server - configuration system
works correctly with environment variables.
Ref: TODO.org lines 24-43
glenneth