From dc1709be06c737b93538f4e9457fe17780b007c7 Mon Sep 17 00:00:00 2001
From: knoflook <knoflook@disroot.org>
Date: Tue, 11 Jul 2023 17:43:23 +0200
Subject: [PATCH] jank but working

---
 .env.sample   | 3 ++-
 abra.sh       | 2 +-
 compose.yml   | 7 +++++++
 entrypoint.sh | 1 +
 4 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/.env.sample b/.env.sample
index c4de2de..022dc0f 100644
--- a/.env.sample
+++ b/.env.sample
@@ -7,7 +7,8 @@ DOMAIN=cal.example.com
 LETS_ENCRYPT_ENV=production
 
 SECRET_DB_PASSWORD_VERSION=v1
-
+SECRET_NEXTAUTH_SECRET_VERSION=v1
+SECRET_CALENDSO_ENCRYPTION_KEY_VERSION=v1
 ## Uncomment this to enable collection of anonymous usage data
 #NEXT_PUBLIC_TELEMETRY_KEY=js.2pvs2bbpqq1zxna97wcml.oi2jzirnbj1ev4tc57c5r
 
diff --git a/abra.sh b/abra.sh
index e1813e3..b16f1c3 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1 +1 @@
-export ENTRYPOINT_CONF_VERSION=v6
+export ENTRYPOINT_CONF_VERSION=v8
diff --git a/compose.yml b/compose.yml
index 8ce6838..be1bd04 100644
--- a/compose.yml
+++ b/compose.yml
@@ -9,12 +9,16 @@ services:
       - backend
     secrets:
       - db_password
+      - nextauth_secret
+      - calendso_encryption_key
     environment:
       - POSTGRES_USER=calendso
       - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
       - POSTGRES_DB=calendso
       - POSTGRES_HOST=db
       - "NEXT_PUBLIC_WEBAPP_URL=https://${DOMAIN}"
+      - NEXTAUTH_SECRET_FILE=/run/secrets/nextauth_secret
+      - CALENDSO_ENCRYPTION_KEY_FILE=/run/secrets/calendso_encryption_key
       - NEXT_PUBLIC_TELEMETRY_KEY
       - MS_GRAPH_CLIENT_ID
       - ZOOM_CLIENT_ID
@@ -84,6 +88,9 @@ secrets:
   nextauth_secret:
     external: true
     name: ${STACK_NAME}_nextauth_secret_${SECRET_NEXTAUTH_SECRET_VERSION}
+  calendso_encryption_key:
+    external: true
+    name: ${STACK_NAME}_calendso_encryption_key_${SECRET_CALENDSO_ENCRYPTION_KEY_VERSION}
 
 configs:
   entrypoint_conf:
diff --git a/entrypoint.sh b/entrypoint.sh
index 26f599a..2132b9d 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -31,6 +31,7 @@ load_vars() {
 	file_env "ZOOM_CLIENT_SECRET"
 	file_env "EMAIL_SERVER_PASSWORD"
 	file_env "NEXTAUTH_SECRET"
+	file_env "CALENDSO_ENCRYPTION_KEY"
 
 	export "DATABASE_URL=postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:5432/$POSTGRES_DB"
 }