Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-15 20:25:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9c71458eff439e45bcccd9ea8248a3c3f9020dcf
dokploy/packages/server/src/db/constants.ts
Mauricio Siu 9c71458eff feat(auth): implement migration script for auth secret and refactor secret handling 
- Added a new script `migrate-auth-secret.ts` to facilitate the migration of 2FA secrets when changing the BETTER_AUTH_SECRET.
- Updated `package.json` to include a command for running the migration script.
- Refactored the handling of BETTER_AUTH_SECRET to improve security by removing the hardcoded default and introducing a fallback mechanism using environment variables or Docker secrets.
- Updated the authentication logic to utilize the new `betterAuthSecret` function for retrieving the secret.
2026-05-09 02:08:04 -06:00

48 lines
1.3 KiB
TypeScript
Raw Blame History

import fs from "node:fs";
export const {
DATABASE_URL,
POSTGRES_PASSWORD_FILE,
POSTGRES_USER = "dokploy",
POSTGRES_DB = "dokploy",
POSTGRES_HOST = "dokploy-postgres",
POSTGRES_PORT = "5432",
} = process.env;
export function readSecret(path: string): string {
try {
return fs.readFileSync(path, "utf8").trim();
} catch {
throw new Error(`Cannot read secret at ${path}`);
}
}
export let dbUrl: string;
if (DATABASE_URL) {
// Compatibilidad legacy / overrides
dbUrl = DATABASE_URL;
} else if (POSTGRES_PASSWORD_FILE) {
const password = readSecret(POSTGRES_PASSWORD_FILE);
dbUrl = `postgres://${POSTGRES_USER}:${encodeURIComponent(
password,
)}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}`;
} else {
if (process.env.NODE_ENV !== "test") {
console.warn(`
⚠️ [DEPRECATED DATABASE CONFIG]
You are using the legacy hardcoded database credentials.
This mode WILL BE REMOVED in a future release.
Please migrate to Docker Secrets using POSTGRES_PASSWORD_FILE.
Please execute this command in your server: curl -sSL https://dokploy.com/security/0.26.6.sh | bash
`);
}
if (process.env.NODE_ENV === "production") {
dbUrl =
"postgres://dokploy:amukds4wi9001583845717ad2@dokploy-postgres:5432/dokploy";
} else {
dbUrl =
"postgres://dokploy:amukds4wi9001583845717ad2@localhost:5432/dokploy";
}
}
Reference in New Issue View Git Blame Copy Permalink