FreakU
/
takahe
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a big warning to secret_key now it's important

This commit is contained in:
Andrew Godwin 2022-12-15 16:02:37 -07:00
parent f55a00ecef
commit 1a7ffb4bff
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/installation.rst
View File

@ -74,6 +74,14 @@ be provided to the containers from the first boot.
* ``TAKAHE_SECRET_KEY`` must be a fixed, random value (it's used for internal
cryptography). Don't change this unless you want to invalidate all sessions.
.. warning::
You **must** keep the value of ``TAKAHE_SECRET_KEY`` unique and secret. Anyone
with this value can modify their session to impersonate any user, including
admins. It should be kept even more secure than your admin passwords, and
should be long, random and completely unguessable. We recommend that it is
at least 64 characters.
* ``TAKAHE_MEDIA_BACKEND`` must be a URI starting with ``local://``, ``s3://``
or ``gcs://``. See :ref:`media_configuration` below for more.