Docker images have immutable setup_key because migrate is run in image build

teleclimber / Dropserver

An application platform for your personal web services. https://dropserver.org

Apache License 2.0

48 stars 1 forks source link

Docker images have immutable setup_key because migrate is run in image build #108

Closed teleclimber closed 1 year ago

teleclimber commented 1 year ago

Everybody who runs a docker image of ds-host will have the same setup_key. This goes against the idea of a secret setup key.

The problem is the key is generated in the initial migration step. This is incorrect because creating a setup_key not a migration task anyways.

The solution might be to let the setup key controller have an Init function called when starting ds-host that checks the DB for the presence of an admin, and creates the setup key if none.

teleclimber commented 1 year ago

This is fixed in practice by changing how the docker images are built. See https://github.com/teleclimber/Dropserver-docker