DOCKER: Add INTERNAL_AUTH_TOKEN support and improve auto-generation
- Add INTERNAL_AUTH_TOKEN to docker-compose.yml environment variables - Create comprehensive .env.example with deployment guidance - Document zero-config deployment for single instances - Clarify multi-instance deployment requirements - Ensure auto-generated keys persist in Docker volumes (/app/config) Security improvements: - Complete Docker support for new internal auth token mechanism - Maintains automatic key generation while ensuring persistence - No manual configuration required for standard deployments 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
ZacharyZcR
52
docker/.env.example
Normal file
52
docker/.env.example
Normal file
@@ -0,0 +1,52 @@
|
||||
# Termix Docker Environment Configuration Example
|
||||
#
|
||||
# IMPORTANT: This file shows available environment variables.
|
||||
# For most users, you DON'T need to create a .env file.
|
||||
# Termix will auto-generate secure keys on first startup.
|
||||
#
|
||||
# Copy this file to .env ONLY if you need custom configuration:
|
||||
# cp docker/.env.example docker/.env
|
||||
|
||||
# ===== BASIC CONFIGURATION =====
|
||||
PORT=8080
|
||||
NODE_ENV=production
|
||||
|
||||
# ===== SSL/HTTPS CONFIGURATION =====
|
||||
ENABLE_SSL=false
|
||||
SSL_PORT=8443
|
||||
SSL_DOMAIN=localhost
|
||||
SSL_CERT_PATH=/app/ssl/termix.crt
|
||||
SSL_KEY_PATH=/app/ssl/termix.key
|
||||
|
||||
# ===== SECURITY KEYS =====
|
||||
# WARNING: Only set these if you need specific keys for multi-instance deployment
|
||||
# For single instance deployment, leave these EMPTY - Termix will auto-generate
|
||||
# secure random keys and persist them in Docker volumes.
|
||||
#
|
||||
# If you DO set these, generate them with: openssl rand -hex 32
|
||||
JWT_SECRET=
|
||||
DATABASE_KEY=
|
||||
INTERNAL_AUTH_TOKEN=
|
||||
|
||||
# ===== DATABASE CONFIGURATION =====
|
||||
DATABASE_ENCRYPTION=true
|
||||
|
||||
# ===== CORS CONFIGURATION =====
|
||||
ALLOWED_ORIGINS=*
|
||||
|
||||
# ===== DEPLOYMENT NOTES =====
|
||||
#
|
||||
# Single Instance (Recommended):
|
||||
# - Don't create .env file - let Termix auto-generate keys
|
||||
# - Keys are automatically persisted in Docker volumes
|
||||
# - Secure and maintenance-free
|
||||
#
|
||||
# Multi-Instance Cluster:
|
||||
# - Set identical JWT_SECRET, DATABASE_KEY, INTERNAL_AUTH_TOKEN across all instances
|
||||
# - Use shared storage for /app/data and /app/config volumes
|
||||
# - Ensure all instances can access the same encryption keys
|
||||
#
|
||||
# Security Best Practices:
|
||||
# - Never commit .env files to version control
|
||||
# - Use Docker secrets in production environments
|
||||
# - Regularly rotate keys (requires data migration)
|
||||
Reference in New Issue
Block a user