coop-cloud/liberaforms
1
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Improve symmetric key gen #1

New Issue
Open
opened 2025-10-29 17:49:50 +00:00 by Brooke · 3 comments
Brooke commented 2025-10-29 17:49:50 +00:00
Owner
Copy Link

Currently the "gen_key" function has to be manually called to generate a key and then inserted into the crypto_key secret, finally the service must be undeployed and redployed. This is non-ideal but I'm not sure how else to handle it automatically as liberaforms is very specific about this key and this was the reason for uploads failing.
Commit adding key_gen command:
09e2b37332

Reference in liberaforms codebase to this command, seems it's a Fernet key:
https://codeberg.org/LiberaForms/server/src/branch/main/liberaforms/commands/cryptokey.py

Currently the "gen_key" function has to be manually called to generate a key and then inserted into the crypto_key secret, finally the service must be undeployed and redployed. This is non-ideal but I'm not sure how else to handle it automatically as liberaforms is very specific about this key and this was the reason for uploads failing. Commit adding key_gen command: 09e2b37332 Reference in liberaforms codebase to this command, seems it's a Fernet key: https://codeberg.org/LiberaForms/server/src/branch/main/liberaforms/commands/cryptokey.py
marlon commented 2025-10-29 18:02:28 +00:00
Owner
Copy Link

Does this key need to be managed by docker secrets? Or could it just be generated by the entrypoint and saved in a volume inside the container?

Does this key need to be managed by docker secrets? Or could it just be generated by the entrypoint and saved in a volume inside the container?
Brooke commented 2025-10-29 18:25:03 +00:00
Author
Owner
Copy Link

I think you're right that it would be possible to do it in the entrypoint but I'm not totally sure how to handle that. Liberaforms expects it in an environment variable CRYPTO_KEY

I think you're right that it would be possible to do it in the entrypoint but I'm not totally sure how to handle that. Liberaforms expects it in an environment variable CRYPTO_KEY
marlon commented 2025-10-29 19:06:34 +00:00
Owner
Copy Link

Here's a proposed way. I haven't tested but hopefully it gives an idea: https://git.coopcloud.tech/coop-cloud/liberaforms/src/branch/cryptosecret

Here's a proposed way. I haven't tested but hopefully it gives an idea: https://git.coopcloud.tech/coop-cloud/liberaforms/src/branch/cryptosecret
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
3wordchant aadil abra-bot ammaratef45 Apfelwurm appletalk arjan basebuilder Brooke carla cas codegod100 coopcloud cyrnel decentral1se fauno flancian Frando iexos jade javielico jmakdah2 joe-irving kawaiipunk knoflook kolaente lambdabundesverband linnealovespie marlon mayel mirsal moritz nicksellen notplants p4u1 pau pharaohgraphy renovate-bot ripclap rix rscmbbng sef simon sixsmith stevensting tobias trav val virtualboys wolcen wykwit xynosis yksflip
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coop-cloud/liberaforms#1
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?