coop-cloud/baserow
coop-cloud/baserow
0
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Merge pull request 'shorter jwt secret name' (#3) from shorter-secret into main

Browse Source 
Reviewed-on: #3
Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech>
This commit is contained in:
marlon 2025-05-09 03:28:29 +00:00
commit 0b930dd81d
3 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env.sample
View File

@ -22,5 +22,5 @@ LETS_ENCRYPT_ENV=production
# #
SECRET_SECRET_KEY_VERSION=v1 SECRET_SECRET_KEY_VERSION=v1
SECRET_BASEROW_JWT_SIGNING_KEY_VERSION=v1 SECRET_JWT_KEY_VERSION=v1

10
compose.yml
View File

@ -9,12 +9,12 @@ services:
environment: environment:
- BASEROW_PUBLIC_URL=https://${DOMAIN} - BASEROW_PUBLIC_URL=https://${DOMAIN}
- SECRET_KEY_FILE=/run/secrets/secret_key - SECRET_KEY_FILE=/run/secrets/secret_key
- BASEROW_JWT_SIGNING_KEY_FILE=/run/secrets/baserow_jwt_signing_key - BASEROW_JWT_SIGNING_KEY_FILE=/run/secrets/jwt_key
- BASEROW_CADDY_ADDRESSES=:80 - BASEROW_CADDY_ADDRESSES=:80
- BASEROW_BUILDER_DOMAINS=${WILDCARD_DOMAIN} - BASEROW_BUILDER_DOMAINS=${WILDCARD_DOMAIN}
secrets: secrets:
- secret_key - secret_key
- baserow_jwt_signing_key - jwt_key
deploy: deploy:
restart_policy: restart_policy:
condition: on-failure condition: on-failure
@ -28,7 +28,7 @@ services:
#- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
#- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
- "coop-cloud.${STACK_NAME}.version=0.7.0+1.31.1" - "coop-cloud.${STACK_NAME}.version=1.0.0+1.31.1"
healthcheck: healthcheck:
test: ["CMD", "./baserow.sh", "backend-cmd", "backend-healthcheck"] test: ["CMD", "./baserow.sh", "backend-cmd", "backend-healthcheck"]
interval: 30s interval: 30s
@ -50,6 +50,6 @@ secrets:
secret_key: secret_key:
external: true external: true
name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION} name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
baserow_jwt_signing_key: jwt_key:
external: true external: true
name: ${STACK_NAME}_baserow_jwt_signing_key_${SECRET_BASEROW_JWT_SIGNING_KEY_VERSION} name: ${STACK_NAME}_jwt_key_${SECRET_JWT_KEY_VERSION}

6
release/1.0.0+1.31.1 Normal file
View File

@ -0,0 +1,6 @@
This upgrade changes the name of the jwt signing key secret from baserow_jwt_signing_key to jwt_key
EXISTING DEPLOYMENTS MUST COPY THIS SECRET TO THE NEW LOCATION:
# Retrieve the current jwt key value:
docker exec <your_baserow_container_name> cat /run/secrets/baserow_jwt_signing_key
# Create the new secret
abra app secret insert <your_baserow_domain> jwt_key v1 <value returned by previous command>