From 80eb4c8a1a1263296dea1a73b1c371788b8c8fad Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 26 Mar 2023 11:58:47 +0200 Subject: [PATCH] docs: change default session secret in docker deployment Signed-off-by: David Mehren --- docker/.env | 2 +- docs/content/config/index.md | 2 +- docs/content/setup/getting_started.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/.env b/docker/.env index 004b4d85c..da0b2def4 100644 --- a/docker/.env +++ b/docker/.env @@ -1,6 +1,6 @@ # General settings HD_BASE_URL="https://hedgedoc2.localhost" -HD_SESSION_SECRET="session_secret" +HD_SESSION_SECRET="change_me_in_production" # Database settings HD_DATABASE_TYPE="postgres" diff --git a/docs/content/config/index.md b/docs/content/config/index.md index 448723450..b98542e5b 100644 --- a/docs/content/config/index.md +++ b/docs/content/config/index.md @@ -7,7 +7,7 @@ environment variables and their corresponding value. This can for example look l ```ini HD_BASE_URL="http://localhost:8080" -HD_SESSION_SECRET="session_secret" +HD_SESSION_SECRET="change_me_in_production" HD_DATABASE_TYPE="sqlite" HD_DATABASE_NAME="./hedgedoc.sqlite" HD_MEDIA_BACKEND="filesystem" diff --git a/docs/content/setup/getting_started.md b/docs/content/setup/getting_started.md index 4fee5fd4f..fbf79295f 100644 --- a/docs/content/setup/getting_started.md +++ b/docs/content/setup/getting_started.md @@ -19,7 +19,7 @@ You will have to accept the TLS warning in your browser the first time the page instance for testing with your friends. For a production setup, first set a unique session secret with -`sed -i "s/session_secret/$(pwgen -s 64)/" .env`. +`sed -i "s/change_me_in_production/$(pwgen -s 64)/" .env`. Then open the `.env` file and edit `HD_BASE_URL`. It needs to contain the full URL of your instance, like it will be entered in the browser. If you enter a URL starting with `https://`, Caddy will