Default docker installations should generate a random key instead of using a static secret that everyone can see.

This commit is contained in:
Tim Farrell 2024-02-01 13:43:54 -06:00
parent d67f3d982b
commit 03a7e35967
2 changed files with 9 additions and 1 deletions

View file

@ -53,4 +53,7 @@ COPY --from=build /app/build /app/build
# copy backend files # copy backend files
COPY ./backend . COPY ./backend .
# Generate a random value to use as a WEBUI_SECRET_KEY in case the user didn't provide one.
RUN echo $(head -c 12 /dev/random | base64) > docker_secret_key
CMD [ "bash", "start.sh"] CMD [ "bash", "start.sh"]

View file

@ -4,4 +4,9 @@ SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
cd "$SCRIPT_DIR" || exit cd "$SCRIPT_DIR" || exit
PORT="${PORT:-8080}" PORT="${PORT:-8080}"
exec uvicorn main:app --host 0.0.0.0 --port "$PORT" --forwarded-allow-ips '*' if test -f docker_secret_key && test "$WEBUI_SECRET_KEY" = ""; then
echo Using generated DOCKER_SECRET_KEY
WEBUI_SECRET_KEY=`cat docker_secret_key`
fi
WEBUI_SECRET_KEY="$WEBUI_SECRET_KEY" exec uvicorn main:app --host 0.0.0.0 --port "$PORT" --forwarded-allow-ips '*'