added info

This commit is contained in:
Gamosoft 2025-11-25 17:39:43 +01:00
parent b47008d347
commit 6b7febd418
3 changed files with 17 additions and 2 deletions

View File

@ -88,7 +88,10 @@ Use the pre-built image directly from GHCR - no building required!
> # The documentation/ folder has app docs you can optionally mount > # The documentation/ folder has app docs you can optionally mount
> ``` > ```
> **🔐 Security Note**: Authentication is **disabled by default** with password `admin`. For testing/local use, this is fine. If exposing to a network, **change the password immediately** - see [AUTHENTICATION.md](documentation/AUTHENTICATION.md) for instructions on how to enable it. > **🔐 Security Note**: Authentication is **disabled by default** with password `admin`.
> - ✅ **Local/Testing**: Default credentials are fine
> - ⚠️ **Public Network**: Change password immediately - see [AUTHENTICATION.md](documentation/AUTHENTICATION.md)
> - 🎭 **Demo Deployment**: Uses default "admin" password
**Option 1: Docker Compose (Recommended)** **Option 1: Docker Compose (Recommended)**

View File

@ -30,11 +30,15 @@ authentication:
# Set enabled to true to require login # Set enabled to true to require login
enabled: false enabled: false
# ⚠️ SECURITY WARNING: Change these values before exposing to the internet!
# Default values below are for LOCAL TESTING ONLY
# Session secret key - CHANGE THIS TO A RANDOM STRING! # Session secret key - CHANGE THIS TO A RANDOM STRING!
# Generate with: python -c "import secrets; print(secrets.token_hex(32))" # Generate with: python -c "import secrets; print(secrets.token_hex(32))"
secret_key: "change_this_to_a_random_secret_key_in_production" secret_key: "change_this_to_a_random_secret_key_in_production"
# Password hash - Generate with: python generate_password.py # Password hash - Generate with: python generate_password.py
# ⚠️ Default password is "admin" - CHANGE THIS for production!
password_hash: "$2b$12$t/6PGExFzdpU2PUta0iVY.eDQwvu63kH.c/d4bEnnHaQ5CspH1yrG" # Default: "admin" password_hash: "$2b$12$t/6PGExFzdpU2PUta0iVY.eDQwvu63kH.c/d4bEnnHaQ5CspH1yrG" # Default: "admin"
# Session expiry in seconds (default: 7 days) # Session expiry in seconds (default: 7 days)

View File

@ -24,8 +24,16 @@ services:
value: "true" value: "true"
- key: AUTHENTICATION_ENABLED - key: AUTHENTICATION_ENABLED
value: "true" value: "true"
# ⚠️ DEMO CREDENTIALS - DO NOT USE IN PRODUCTION! ⚠️
# These are public demo credentials for testing only.
# Password: "admin"
- key: AUTHENTICATION_PASSWORD_HASH - key: AUTHENTICATION_PASSWORD_HASH
value: "$2b$12$t/6PGExFzdpU2PUta0iVY.eDQwvu63kH.c/d4bEnnHaQ5CspH1yrG" # admin value: "$2b$12$t/6PGExFzdpU2PUta0iVY.eDQwvu63kH.c/d4bEnnHaQ5CspH1yrG"
# ⚠️ PUBLIC SECRET KEY - DEMO ONLY! ⚠️
# For production, generate a new key with:
# python -c "import secrets; print(secrets.token_hex(32))"
- key: AUTHENTICATION_SECRET_KEY - key: AUTHENTICATION_SECRET_KEY
value: "4f36da5af76627301dcdc0347c4b111bdc6c86ae830444af852de935198c3210" value: "4f36da5af76627301dcdc0347c4b111bdc6c86ae830444af852de935198c3210"