coop-cloud/rauthy
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Failed to upgrade to 1.0.0+0.32.3 #11

New Issue
Closed
opened 2025-10-27 10:44:59 +00:00 by p4u1 · 7 comments
p4u1 commented 2025-10-27 10:44:59 +00:00
Owner
Copy Link

Two problems:

  1. CONFIG_TOML_VERSION was not bumped in abra.sh (this is an easy fix)
  2. ENC_KEY upgrade does not work

On the second problem:
I followed the nice upgrade guide in the release notes, but when trying to log in I get the following error:

ERROR rauthy_handlers::oidc: CryptrError::Keys(EncKey ID does not exist)

This is what I have set in my .env file:

SECRET_ENC_KEYS_A_VERSION=a1 # generated=false
SECRET_ENC_KEYS_B_VERSION=b1 # generated=false
ENC_KEY_ACTIVE="a1"

And the secrets should have been inserted correctly

@cyrnel @decentral1se

Two problems: 1. `CONFIG_TOML_VERSION` was not bumped in `abra.sh` (this is an easy fix) 2. ENC_KEY upgrade does not work On the second problem: I followed the nice upgrade guide in the release notes, but when trying to log in I get the following error: ``` ERROR rauthy_handlers::oidc: CryptrError::Keys(EncKey ID does not exist) ``` This is what I have set in my .env file: ``` SECRET_ENC_KEYS_A_VERSION=a1 # generated=false SECRET_ENC_KEYS_B_VERSION=b1 # generated=false ENC_KEY_ACTIVE="a1" ``` And the secrets should have been inserted correctly @cyrnel @decentral1se
decentral1se commented 2025-10-27 14:04:41 +00:00
Owner
Copy Link

I did not get far enough to try this upgrade, so thanks for smoking this out @p4u1.

@cyrnel any ideas on the 2nd problem?

I did not get far enough to try this upgrade, so thanks for smoking this out @p4u1. @cyrnel any ideas on the 2nd problem?
p4u1 closed this issue 2025-12-09 22:18:01 +00:00
p4u1 reopened this issue 2025-12-09 22:18:05 +00:00
decentral1se commented 2025-12-14 14:54:14 +00:00
Owner
Copy Link

It seems like things have progressed in the meantime due to the good work of @3wordchant.

eecfe6239c

I'm not sure on the situation of this specific version, any update @p4u1?

It seems like things have progressed in the meantime due to the good work of @3wordchant. > https://git.coopcloud.tech/coop-cloud/rauthy/commit/eecfe6239cb7f204ebd35f39a8a77ae07e71ab60 I'm not sure on the situation of this specific version, any update @p4u1?
p4u1 commented 2025-12-14 15:24:17 +00:00
Author
Owner
Copy Link

Will try again in a couple of days

Will try again in a couple of days
🚀 1
decentral1se commented 2026-01-20 13:27:40 +00:00
Owner
Copy Link

@p4u1 hold that thought, I'm in the middle of this migration and the instructions are quite confusing and potentially broken. I am restoring and trying again. I will try to improve the docs... what a gnarly migration 🙈

@p4u1 hold that thought, I'm in the middle of this migration and the instructions are quite confusing and potentially broken. I am restoring and trying again. I will try to improve the docs... what a gnarly migration 🙈
decentral1se commented 2026-01-20 13:41:40 +00:00
Owner
Copy Link

No wait, it works, it's just confusing as fuck. The ID of the encryption key is used as the ID of the secret from the abra side of things. It's then used in the config as follows 👇

config.toml.tmpl Lines 27 to 28 in eecfe6239c
'{{ env "SECRET_ENC_KEYS_A_VERSION" }}/{{ secret "enc_keys_a" }}',
'{{ env "SECRET_ENC_KEYS_B_VERSION" }}/{{ secret "enc_keys_b" }}'

This is a sort of "abuse" of the usual versioning approach to pass the ID into the config... 🙈

So, it's all correct, it just takes full energy brain to understand.

Good Luck ™️

No wait, it works, it's just confusing as fuck. The ID of the encryption key is used as the ID of the secret from the `abra` side of things. It's then used in the config as follows 👇 https://git.coopcloud.tech/coop-cloud/rauthy/src/commit/eecfe6239cb7f204ebd35f39a8a77ae07e71ab60/config.toml.tmpl#L27-L28 This is a sort of "abuse" of the usual versioning approach to pass the ID into the config... 🙈 So, it's all correct, it just takes full energy brain to understand. Good Luck ™️
decentral1se commented 2026-03-13 16:05:38 +00:00
Owner
Copy Link

@p4u1 it's resolved?

@p4u1 it's resolved?
p4u1 commented 2026-03-13 16:10:33 +00:00
Author
Owner
Copy Link

Yes

Yes
p4u1 closed this issue 2026-03-13 16:10:33 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
3wordchant aadil abra-bot ammaratef45 cas coopcloud decentral1se fauno kawaiipunk knoflook moosemower notplants p4u1 renovate-bot stevensting trav yksflip
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coop-cloud/rauthy#11
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?