feat: add SECRET_KEY_BASE instead of SECRET_TOKEN

tryzealot · Sep 19, 2024 · 92097ea · 92097ea
1 parent 08557bc
commit 92097ea
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 5 deletions.
diff --git a/config.env b/config.env
@@ -117,7 +117,7 @@ ZEALOT_SENTRY_DISABLE=false
 COMPOSE_PROJECT_NAME=zealot
 
 # 加密密钥，建议使用 openssl 或者 rails secret 生成
-SECRET_TOKEN=
+SECRET_KEY_BASE=
 
 # Puma 外部控制 API
 PUMA_CONTROL_URL=0.0.0.0:9293

diff --git a/scripts/generate-secret-key.sh b/scripts/generate-secret-key.sh
@@ -1,12 +1,13 @@
 echo "${_group}Generating secret key ..."
 
-HAS_SECRET_TOKEN=$(grep 'SECRET_TOKEN' $ENV_FILE | awk '{split($0,a,"="); print a[2]}')
+HAS_SECRET_TOKEN=$(grep -E 'SECRET_KEY_BASE|SECRET_TOKEN' $ENV_FILE | awk '{split($0,a,"="); print a[2]}')
 
 if [ -z "$HAS_SECRET_TOKEN" ]; then
-  SECRET_TOKEN=$(export LC_ALL=C; head /dev/urandom | tr -dc "a-z0-9" | head -c 128 | sed -e 's/[\/&]/\\&/g')
-  sed -i -e 's/^SECRET_TOKEN=.*$/SECRET_TOKEN='"'$SECRET_TOKEN'"'/' $ENV_FILE
+  token=$(export LC_ALL=C; head /dev/urandom | tr -dc "a-z0-9" | head -c 128 | sed -e 's/[\/&]/\\&/g')
+  sed -i -e 's/^SECRET_TOKEN=.*$/SECRET_TOKEN='"'$token'"'/' $ENV_FILE
+  sed -i -e 's/^SECRET_KEY_BASE=.*$/SECRET_KEY_BASE='"'$token'"'/' $ENV_FILE
   clean_sed_temp_file $ENV_FILE
-  echo "Secret key written to .env: \`${SECRET_TOKEN}\`"
+  echo "Secret key written to .env: \`${token}\`"
 else
   echo "Secret key had been write, skipped"
 fi