generated from coop-cloud/example
replace ACTIVE_RECORD_ENCRYPTION with ARE to shorten secret name
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
This commit is contained in:
Ammar Hussein
parent
74109d293b
commit
a919e1553b
@ -79,9 +79,9 @@ SECRET_OTP_SECRET_VERSION=v1
|
|||||||
SECRET_VAPID_PRIVATE_KEY_VERSION=v1
|
SECRET_VAPID_PRIVATE_KEY_VERSION=v1
|
||||||
SECRET_DB_PASSWORD_VERSION=v1
|
SECRET_DB_PASSWORD_VERSION=v1
|
||||||
SECRET_SMTP_PASSWORD_VERSION=v1
|
SECRET_SMTP_PASSWORD_VERSION=v1
|
||||||
SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION=v1
|
SECRET_ARE_DETERMINISTIC_KEY_VERSION=v1
|
||||||
SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION=v1
|
SECRET_ARE_KEY_DERIVATION_SALT_VERSION=v1
|
||||||
SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION=v1
|
SECRET_ARE_PRIMARY_KEY_VERSION=v1
|
||||||
|
|
||||||
# Web Push
|
# Web Push
|
||||||
# ========
|
# ========
|
||||||
|
|||||||
6
abra.sh
6
abra.sh
@ -136,17 +136,17 @@ secrets_activerecord() {
|
|||||||
> /tmp/activerecord.txt
|
> /tmp/activerecord.txt
|
||||||
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=$($grep ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY /tmp/activerecord.txt | cut -d'=' -f2)
|
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=$($grep ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY /tmp/activerecord.txt | cut -d'=' -f2)
|
||||||
abra app secret insert "$APP_NAME" active_record_encryption_deterministic_key v1 "$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
|
abra app secret insert "$APP_NAME" are_deterministic_key v1 "$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
|
||||||
echo "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY = $ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
|
echo "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY = $ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=$($grep ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT /tmp/activerecord.txt | cut -d'=' -f2)
|
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=$($grep ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT /tmp/activerecord.txt | cut -d'=' -f2)
|
||||||
abra app secret insert "$APP_NAME" active_record_encryption_key_derivation_salt v1 "$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
|
abra app secret insert "$APP_NAME" are_key_derivation_salt v1 "$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
|
||||||
echo "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT = $ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
|
echo "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT = $ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=$($grep ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY /tmp/activerecord.txt | cut -d'=' -f2)
|
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=$($grep ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY /tmp/activerecord.txt | cut -d'=' -f2)
|
||||||
abra app secret insert "$APP_NAME" active_record_encryption_primary_key v1 "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
|
abra app secret insert "$APP_NAME" are_primary_key v1 "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
|
||||||
echo "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY = $ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
|
echo "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY = $ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
|
|||||||
24
compose.yml
24
compose.yml
@ -37,13 +37,13 @@ services:
|
|||||||
- secret_key_base
|
- secret_key_base
|
||||||
- smtp_password
|
- smtp_password
|
||||||
- vapid_private_key
|
- vapid_private_key
|
||||||
- active_record_encryption_deterministic_key
|
- are_deterministic_key
|
||||||
- active_record_encryption_key_derivation_salt
|
- are_key_derivation_salt
|
||||||
- active_record_encryption_primary_key
|
- are_primary_key
|
||||||
environment: &env
|
environment: &env
|
||||||
- ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_FILE=/run/secrets/active_record_encryption_deterministic_key
|
- ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_FILE=/run/secrets/are_deterministic_key
|
||||||
- ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_FILE=/run/secrets/active_record_encryption_key_derivation_salt
|
- ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_FILE=/run/secrets/are_key_derivation_salt
|
||||||
- ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_FILE=/run/secrets/active_record_encryption_primary_key
|
- ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_FILE=/run/secrets/are_primary_key
|
||||||
- ALLOW_ACCESS_TO_HIDDEN_SERVICE
|
- ALLOW_ACCESS_TO_HIDDEN_SERVICE
|
||||||
- ALTERNATE_DOMAINS
|
- ALTERNATE_DOMAINS
|
||||||
- AUTHORIZED_FETCH
|
- AUTHORIZED_FETCH
|
||||||
@ -216,14 +216,14 @@ secrets:
|
|||||||
smtp_password:
|
smtp_password:
|
||||||
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
|
name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
|
||||||
external: true
|
external: true
|
||||||
active_record_encryption_deterministic_key:
|
are_deterministic_key:
|
||||||
name: ${STACK_NAME}_active_record_encryption_deterministic_key_${SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION}
|
name: ${STACK_NAME}_are_deterministic_key_${SECRET_ARE_DETERMINISTIC_KEY_VERSION}
|
||||||
external: true
|
external: true
|
||||||
active_record_encryption_key_derivation_salt:
|
are_key_derivation_salt:
|
||||||
name: ${STACK_NAME}_active_record_encryption_key_derivation_salt_${SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION}
|
name: ${STACK_NAME}_are_key_derivation_salt_${SECRET_ARE_KEY_DERIVATION_SALT_VERSION}
|
||||||
external: true
|
external: true
|
||||||
active_record_encryption_primary_key:
|
are_primary_key:
|
||||||
name: ${STACK_NAME}_active_record_encryption_primary_key_${SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION}
|
name: ${STACK_NAME}_are_primary_key_${SECRET_ARE_PRIMARY_KEY_VERSION}
|
||||||
external: true
|
external: true
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
|
|||||||
@ -5,7 +5,7 @@ Run `abra app cmd --local <domain> secrets_activerecord` to generate and store t
|
|||||||
You will also need to add this to your config (`abra app config <domain>`):
|
You will also need to add this to your config (`abra app config <domain>`):
|
||||||
|
|
||||||
```
|
```
|
||||||
SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION=v1
|
SECRET_ARE_DETERMINISTIC_KEY_VERSION=v1
|
||||||
SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION=v1
|
SECRET_ARE_KEY_DERIVATION_SALT_VERSION=v1
|
||||||
SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION=v1
|
SECRET_ARE_PRIMARY_KEY_VERSION=v1
|
||||||
```
|
```
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user