Skip to content

Commit 7038de9

Browse files
teohhanhuiteohhanhui
committed
Fix MERCURE_JWT_SECRET env var which was not set in the Travis CI build
Also add instructions for user on how to generate MERCURE_JWT_SECRET easily
1 parent ea79710 commit 7038de9

File tree

3 files changed

+6
-4
lines changed

3 files changed

+6
-4
lines changed

api/.env

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ CORS_ALLOW_ORIGIN=^https?://localhost(:[0-9]+)?$
3333

3434
###> symfony/mercure-bundle ###
3535
MERCURE_PUBLISH_URL=http://mercure/hub
36-
MERCURE_JWT_SECRET=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyJmb28iLCJiYXIiXSwicHVibGlzaCI6WyJmb28iXX19.LRLvirgONK13JgacQ_VbcjySbVhkSmHy3IznH3tA9PM
36+
MERCURE_JWT_SECRET=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6WyJmb28iLCJiYXIiXSwicHVibGlzaCI6WyJmb28iXX19.qOwClmp3euDLhEQ2lOB0TLUHsobaAoe-nZ1iU3h_Eas
3737
###< symfony/mercure-bundle ###
3838

3939
MERCURE_SUBSCRIBE_URL=https://localhost:1338/hub

ci/before_deploy

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,10 @@ fi
1717
# Generate random key & jwt for Mercure if not set
1818
if [[ -z $MERCURE_JWT_KEY ]]; then
1919
npm install --global "@clarketm/jwt-cli"
20-
export MERCURE_JWT_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
21-
export MERCURE_JWT=$(jwt sign --noCopy '{"mercure": {"publish": ["*"]}}' $MERCURE_JWT_KEY)
20+
MERCURE_JWT_KEY=$(< /dev/urandom tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
21+
export MERCURE_JWT_KEY
22+
MERCURE_JWT_SECRET=$(jwt sign --noCopy '{"mercure": {"publish": ["*"]}}' "$MERCURE_JWT_KEY")
23+
export MERCURE_JWT_SECRET
2224
fi
2325

2426
# Generate random database password if not set

docker-compose.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ services:
6767
image: dunglas/mercure
6868
environment:
6969
# You should definitely change all these values in production
70-
- JWT_KEY=!UnsecureChangeMe!
70+
- JWT_KEY=!InsecureChangeMe! # You have to change MERCURE_JWT_SECRET in api/.env when you change this. You can put the old value of MERCURE_JWT_SECRET into the debugger on https://jwt.io/ and put the new value of JWT_KEY in the "secret" field to obtain the new encoded value for MERCURE_JWT_SECRET
7171
- ALLOW_ANONYMOUS=1
7272
- CORS_ALLOWED_ORIGINS=*
7373
- PUBLISH_ALLOWED_ORIGINS=http://localhost:1337,https://localhost:1338

0 commit comments

Comments
 (0)