From c47bae9709326c75a3bfb60d2f3742b1bf6d24f2 Mon Sep 17 00:00:00 2001
From: Dominik George <dominik.george@teckids.org>
Date: Sun, 28 Mar 2021 19:50:59 +0200
Subject: [PATCH] [Docker] Do not generate a secret key on startup

This would require www-data to be able to write the secret key now.
That would not be an issue in general, but requires awkward changes
with no real use. Users are supposed to configure a secret key
themselves.
---
 docker-startup.sh | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/docker-startup.sh b/docker-startup.sh
index b73e6a710..85013154a 100755
--- a/docker-startup.sh
+++ b/docker-startup.sh
@@ -52,17 +52,6 @@ prepare_database() {
 	aleksis-admin createinitialrevisions
 }
 
-if [ -z "$ALEKSIS_secret_key" ]; then
-	# Use a random session secret key if none was provided
-	# In K8s, should be provided from a K8s secret
-	if [ ! -e /var/lib/aleksis/secret_key ]; then
-		touch /var/lib/aleksis/secret_key
-		chmod 600 /var/lib/aleksis/secret_key
-		LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' </dev/urandom | head -c 64 >/var/lib/aleksis/secret_key
-	fi
-	ALEKSIS_secret_key=$(cat /var/lib/aleksis/secret_key)
-fi
-
 # Wait for database to be reachable under all conditions
 wait_database
 
-- 
GitLab