ZelphirKaltstahl
commented
2 months ago Not in the readme file, but it is at least in the docker compose file it is mentioned: https://github.com/zulip/docker-zulip/blob/ef3a379351cfb0508a66dc10263cb29e27e2be6c/docker-compose.yml#L74-L75
mk-pmb
Hi! I'm trying to set up the docker-compose and from the setup guide it looks well crafted, thanks! A minor optimization though: The part about
POSTGRES_PASSWORDandSECRETS_postgres_passwordleaves me wondering whether I should use the same random value for both, or if there's a security benefit if both are different. For now I'll just use the same because in my test scenario I don't need maximum security anyway. (Edit: Found it in the comments in the YAML file. Still won't hurt to change "both beathe (same) password" in Readme.)Also it would be nice to have a shell script that replaces empty secrets with randomly generated ones, reporting an overview of which secrets have been kept and which have been generated. The readme could then group all the secrets settings below a todo item "Setup secrets: Run
./util/randomize_missing_secrets.shto generate all missing ones, or set these manually:" I can contribute that script (at what path?) if you like.Edit: I found it a bit cumbersome to have to configure each password twice, in locations far apart from another. ("Far" in a 20 lines shell window.) My first idea was to sync them in the script I suggested, but wouldn't it be even easier to have a "secrets" directory with each password being a separate file and mounting that file into the containers that need it? That's how I usually do it in my docker-compose projects. Not sure though whether mounting them still requires an absolute path nowadays. (I use a template system to generate my docker-compose files on the fly, so I don't have to deal with determining absolute paths.)