mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-07-10 00:03:03 +00:00
🧂 chore: Require an Operator-Supplied Admin Panel Session Secret (#13902)
* fix: require admin panel session secret
* 🩹 fix: Plain-Expand Admin SESSION_SECRET So Compose Maintenance Commands Run
The `${VAR:?}` required form fails interpolation for every deploy-compose
subcommand (down/pull/config), breaking `npm run update:deployed` for installs
whose .env predates ADMIN_PANEL_SESSION_SECRET. Plain expansion keeps those
commands working; the admin-panel image fail-fasts on an empty secret, so the
panel still refuses to start without it.
This commit is contained in:
parent
77854decdf
commit
cb2bafb457
3 changed files with 9 additions and 5 deletions
|
|
@ -40,10 +40,10 @@ DOMAIN_SERVER=http://localhost:3080
|
|||
ADMIN_PANEL_URL=
|
||||
|
||||
# Session encryption key for the bundled admin panel (min 32 characters).
|
||||
# The admin panel ships enabled in docker-compose/deploy-compose; the value
|
||||
# below is a development default. Generate a unique one for production:
|
||||
# Required when using the bundled admin panel in docker-compose/deploy-compose.
|
||||
# Generate a unique value before starting the stack:
|
||||
# openssl rand -hex 32
|
||||
ADMIN_PANEL_SESSION_SECRET=0f7114d0b0b192b59fde7e3b730949b27d49a8717fa32ad3167d94c7684fede3
|
||||
ADMIN_PANEL_SESSION_SECRET=
|
||||
|
||||
# Host port for the bundled admin panel (default docker-compose only).
|
||||
# In deploy-compose the panel is served at http://admin.localhost via nginx.
|
||||
|
|
|
|||
|
|
@ -48,7 +48,9 @@ services:
|
|||
restart: always
|
||||
environment:
|
||||
- PORT=3000
|
||||
- SESSION_SECRET=${ADMIN_PANEL_SESSION_SECRET:-${CREDS_KEY}}
|
||||
# Plain expansion (not :?) so `docker compose down`/`pull` still run when this is unset.
|
||||
# The panel itself refuses to start without it; set ADMIN_PANEL_SESSION_SECRET in .env.
|
||||
- SESSION_SECRET=${ADMIN_PANEL_SESSION_SECRET}
|
||||
- API_SERVER_URL=http://api:3080
|
||||
- VITE_API_BASE_URL=${DOMAIN_CLIENT:-http://localhost}
|
||||
- SESSION_COOKIE_SECURE=${ADMIN_PANEL_SESSION_COOKIE_SECURE:-false}
|
||||
|
|
|
|||
|
|
@ -45,7 +45,9 @@ services:
|
|||
restart: always
|
||||
environment:
|
||||
- PORT=3000
|
||||
- SESSION_SECRET=${ADMIN_PANEL_SESSION_SECRET:-${CREDS_KEY}}
|
||||
# Plain expansion (not :?) so `docker compose down`/`pull` still run when this is unset.
|
||||
# The panel itself refuses to start without it; set ADMIN_PANEL_SESSION_SECRET in .env.
|
||||
- SESSION_SECRET=${ADMIN_PANEL_SESSION_SECRET}
|
||||
- API_SERVER_URL=http://api:${PORT:-3080}
|
||||
- VITE_API_BASE_URL=${DOMAIN_CLIENT:-http://localhost:3080}
|
||||
- SESSION_COOKIE_SECURE=${ADMIN_PANEL_SESSION_COOKIE_SECURE:-false}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue