shorter jwt secret name

healthchecks yes

.drone.yml

@@ -32,7 +32,7 @@ steps:
         from_secret: drone_abra-bot_token
       fork: true
       repositories:
-        - coop-cloud/auto-recipes-catalogue-json
+        - toolshed/auto-recipes-catalogue-json
 
 trigger:
   event: tag

.env.sample

@@ -7,6 +7,9 @@ COMPOSE_FILE="compose.yml"
 ## Domain aliases
 #EXTRA_DOMAINS=', `www.baserow.example.com`'
 
+## Automatically use subdomains under following domain (anything.example.com)
+#WILDCARD_DOMAIN='example.com'
+
 LETS_ENCRYPT_ENV=production
 
 # COMPOSE_FILE="$COMPOSE_FILE:compose.email.yml"
@@ -19,5 +22,5 @@ LETS_ENCRYPT_ENV=production
 #
 
 SECRET_SECRET_KEY_VERSION=v1
-SECRET_BASEROW_JWT_SIGNING_KEY_VERSION=v1
+SECRET_JWT_KEY_VERSION=v1
 

README.md

@@ -7,7 +7,7 @@
 * **Category**: Apps
 * **Status**: 0
 * **Image**: [`baserow`](https://hub.docker.com/r/baserow), 4, upstream
-* **Healthcheck**: No
+* **Healthcheck**: Yes (using https://baserow.io/docs/installation%2Finstall-with-docker#running-healthchecks-on-baserow)
 * **Backups**: No
 * **Email**: No
 * **Tests**: No

compose.yml

@@ -3,31 +3,32 @@ version: "3.8"
 
 services:
   app:
-    image: baserow/baserow:1.25.2
+    image: baserow/baserow:1.31.1
     networks:
       - proxy
     environment:
       - BASEROW_PUBLIC_URL=https://${DOMAIN}
       - SECRET_KEY_FILE=/run/secrets/secret_key
-      - BASEROW_JWT_SIGNING_KEY_FILE=/run/secrets/baserow_jwt_signing_key
+      - BASEROW_JWT_SIGNING_KEY_FILE=/run/secrets/jwt_key
       - BASEROW_CADDY_ADDRESSES=:80 
+      - BASEROW_BUILDER_DOMAINS=${WILDCARD_DOMAIN}
     secrets:
       - secret_key
-      - baserow_jwt_signing_key
+      - jwt_key
     deploy:
       restart_policy:
         condition: on-failure
       labels:
         - "traefik.enable=true"
         - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
-        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS}) || HostRegexp(`{subdomain:\\w+}.${WILDCARD_DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         ## Redirect from EXTRA_DOMAINS to DOMAIN
         #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
         #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
         #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
-        - "coop-cloud.${STACK_NAME}.version=0.3.1+1.25.2"
+        - "coop-cloud.${STACK_NAME}.version=1.0.0+1.31.1"
     healthcheck:
       test: ["CMD", "./baserow.sh", "backend-cmd", "backend-healthcheck"]
       interval: 30s
@@ -49,6 +50,6 @@ secrets:
   secret_key:
     external: true
     name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
-  baserow_jwt_signing_key:
+  jwt_key:
     external: true
-    name: ${STACK_NAME}_baserow_jwt_signing_key_${SECRET_BASEROW_JWT_SIGNING_KEY_VERSION}
+    name: ${STACK_NAME}_jwt_key_${SECRET_JWT_KEY_VERSION}

release/1.0.0+1.31.1

@@ -0,0 +1,6 @@
+This upgrade changes the name of the jwt signing key secret from baserow_jwt_signing_key to jwt_key
+EXISTING DEPLOYMENTS MUST COPY THIS SECRET TO THE NEW LOCATION:
+# Retrieve the current jwt key value:
+docker exec <your_baserow_container_name> cat /run/secrets/baserow_jwt_signing_key
+# Create the new secret
+abra app secret insert <your_baserow_domain> jwt_key v1 <value returned by previous command>