chore: make cron secret required (#2843)

Dhruwang Jariwala
2024-07-09 11:12:40 +05:30
committed by GitHub
parent 73d403d2f1
commit 6d0bd4a6ed
8 changed files with 54 additions and 14 deletions

View File

@@ -31,9 +31,13 @@ DATABASE_URL='postgresql://postgres:postgres@localhost:5432/formbricks?schema=pu
# You can use: `openssl rand -hex 32` to generate a secure one
NEXTAUTH_SECRET=RANDOM_STRING
# Cron Secret
# Set this to your public-facing URL, e.g., https://example.com
# You do not need the NEXTAUTH_URL environment variable in Vercel.
NEXTAUTH_URL=http://localhost:3000
# Cron Secret (mandatory)
# You can use: `openssl rand -hex 32` to generate a secure one
CRON_SECRET=
CRON_SECRET=RANDOM_STRING
################
# MAIL SETUP #
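Review bot: `CRON_SECRET=RANDOM_STRING` puts a publicly known, non-empty placeholder in the example file, so a `.env` copied from it without editing still satisfies the new `z.string().min(1)` check and runs with a guessable cron secret. The previous empty `CRON_SECRET=` would now fail validation at startup, which is the safer default; consider keeping it empty and leaving the `(mandatory)` comment to explain why, or rejecting the literal placeholder in the schema.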

View File

@@ -21,6 +21,7 @@ We are so happy that you are interested in contributing to Formbricks 🤗 There
- **How to create a service**: [Read this document to understand how we use services](https://formbricks.notion.site/How-to-create-a-service-8e0c035704bb40cb9ea5e5beeeeabd67?pvs=4). This is particulalry important when you need to write a new one.
## Talk to us first
We highly recommend connecting with us on [Discord server](https://formbricks.com/discord) before you ship a contribution. This will increase the likelihood of your PR being merged. And it will decrease the likelihood of you wasting your time :)
## Contributor License Agreement (CLA)
@@ -90,14 +91,29 @@ cp .env.example .env
</CodeGroup>
</Col>
4. Generate & set some secret values mandatory for the `ENCRYPTION_KEY` & `NEXTAUTH_SECRET` in the .env file. You can use the following command to generate the random string of required length:
4. Generate & set some secret values mandatory for the `ENCRYPTION_KEY`, `NEXTAUTH_SECRET` and `CRON_SECRET` in the .env file. You can use the following command to generate the random string of required length:
- For Linux
<Col>
<CodeGroup title="Set value of ENCRYPTION_KEY">
<CodeGroup title="For Linux">
```bash
sed -i '/^ENCRYPTION_KEY=/c\ENCRYPTION_KEY='$(openssl rand -hex 32) .env
sed -i '/^NEXTAUTH_SECRET=/c\NEXTAUTH_SECRET='$(openssl rand -hex 32) .env
sed -i '/^CRON_SECRET=/c\CRON_SECRET='$(openssl rand -hex 32) .env
```
</CodeGroup>
</Col>
- For Mac
<Col>
<CodeGroup title="For Mac">
```bash
sed -i '' '/^ENCRYPTION_KEY=/s|.*|ENCRYPTION_KEY='$(openssl rand -hex 32)'|' .env
sed -i '' '/^NEXTAUTH_SECRET=/s|.*|NEXTAUTH_SECRET='$(openssl rand -hex 32)'|' .env
sed -i '' '/^CRON_SECRET=/s|.*|CRON_SECRET='$(openssl rand -hex 32)'|' .env
```
</CodeGroup>
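Review bot: the `CRON_SECRET` commands in step 4 only rewrite a line that already starts with `CRON_SECRET=` (`/^CRON_SECRET=/`), and `sed` exits successfully when nothing matches, so a `.env` where that line was deleted or commented out while the variable was still optional stays unchanged without any error. Since the value is now mandatory, add a sentence telling contributors with an existing `.env` to make sure the line is present, or follow the commands with a check such as `grep '^CRON_SECRET=' .env`. The step text "Generate & set some secret values mandatory for the" would also read better as "Generate and set the mandatory secrets".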
@@ -149,4 +165,4 @@ pnpm build
```
</CodeGroup>
</Col>
</Col>

View File

@@ -18,6 +18,8 @@ These variables are present inside your machines docker-compose file. Restart
| DATABASE_URL | Database URL with credentials. | required | |
| NEXTAUTH_SECRET | Secret for NextAuth, used for session signing and encryption. | required | (Generated by the user) |
| ENCRYPTION_KEY | Secret for used by Formbricks for data encryption | required | (Generated by the user) |
| NEXTAUTH_URL | Location of the auth server. By default, this is the Formbricks docker instance itself. | required | http://localhost:3000 |
| CRON_SECRET | API Secret for running cron jobs. | required | |
| UPLOADS_DIR | Local directory for storing uploads. | optional | ./uploads |
| S3_ACCESS_KEY | Access key for S3. | optional | (resolved by the AWS SDK) |
| S3_SECRET_KEY | Secret key for S3. | optional | (resolved by the AWS SDK) |
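Review bot: the new `CRON_SECRET` row leaves the last column empty, while the `NEXTAUTH_SECRET` and `ENCRYPTION_KEY` rows directly above it say `(Generated by the user)`. Use the same value here so readers see that it has no default and must be generated. The description "API Secret for running cron jobs." could also say that requests to the cron endpoints must present this secret.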
@@ -42,7 +44,6 @@ These variables are present inside your machines docker-compose file. Restart
| GITHUB_SECRET | Secret for GitHub. | optional (required if GitHub auth is enabled) | |
| GOOGLE_CLIENT_ID | Client ID for Google. | optional (required if Google auth is enabled) | |
| GOOGLE_CLIENT_SECRET | Secret for Google. | optional (required if Google auth is enabled) | |
| CRON_SECRET | API Secret for running cron jobs. | optional | |
| STRIPE_SECRET_KEY | Secret key for Stripe integration. | optional | |
| STRIPE_WEBHOOK_SECRET | Webhook secret for Stripe integration. | optional | |
| TELEMETRY_DISABLED | Disables telemetry if set to 1. | optional | |

View File

@@ -83,7 +83,22 @@ Next, you need to generate an Encryption Key. This will be used for authenticati
</Col>
5. **Start the Docker Setup**
5. **Generate Cron Secret**
Next, you need to generate a Cron secret. This will be used as an API Secret for running cron jobs. The `sed` command below generates a random string using `openssl`, then replaces the `CRON_SECRET:` placeholder in the `docker-compose.yml` file with this generated secret:
<Col>
<CodeGroup title="Generate Cron Secret">
```bash
sed -i "/CRON_SECRET:$/s/CRON_SECRET:.*/CRON_SECRET: $(openssl rand -hex 32)/" docker-compose.yml
```
</CodeGroup>
</Col>
6. **Start the Docker Setup**
You're now ready to start the Formbricks Docker setup. The following command will start Formbricks together with a postgreSQL database using Docker Compose:
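Review bot: the address `/CRON_SECRET:$/` in the new step 5 command is not anchored to the key itself, so on a `docker-compose.yml` that still has the older `# CRON_SECRET:` line it matches and writes `# CRON_SECRET: <value>`, leaving the variable commented out while the command reports success. Either tell users to take the updated compose file first, or make the expression strip the leading `# ` as well. The command also uses `sed -i` without a backup suffix, which the contributing docs in this same commit treat as Linux-only by giving a separate `sed -i ''` form for Mac; a note on that here would save macOS users an error.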
@@ -98,7 +113,7 @@ You're now ready to start the Formbricks Docker setup. The following command wil
</Col>
The `-d` flag will run the containers in detached mode, meaning they'll run in the background.
6. **Visit Formbricks in Your Browser**
7. **Visit Formbricks in Your Browser**
After starting the Docker setup, visit http://localhost:3000 in your browser to interact with the Formbricks application. The first time you access this page, you'll be greeted by a setup wizard. Follow the prompts to define your first user and get started.

View File

@@ -14,6 +14,10 @@ x-nextauth-secret: &nextauth_secret
# Encryption key
# You can use: `openssl rand -hex 32` to generate one
x-cron-secret: &cron_secret
# Set the below to use it instead of API Key for the API & use as an auth for cronjobs
# You can use: $(openssl rand -hex 32) to generate a secure one
x-encryption-key: &encryption_key
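Review bot: as the lines read in this hunk, the added `x-cron-secret: &cron_secret` sits directly under the `# Encryption key` comment block, and its own two comment lines come after it, directly above `x-encryption-key`, so each comment appears to describe the other key. Move the two new comment lines above `x-cron-secret` and keep the `# Encryption key` block immediately above `x-encryption-key`. The new comment ("use it instead of API Key for the API & use as an auth for cronjobs") is also less clear than the one this commit removes further down ("Set this to a random string to secure your cron endpoints"); keeping the old wording and adding that the value is mandatory would be clearer.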
@@ -61,9 +65,6 @@ x-sentry-ignore-api-resolution-error: &sentry_ignore_api_resolution_error # Disa
x-next-public-sentry-dsn: &next_public_sentry_dsn # Enable Sentry Error Tracking
x-cron-secret: &cron_secret # Set this to a random string to secure your cron endpoints
services:
postgres:
restart: always

View File

@@ -19,9 +19,9 @@ x-environment: &environment
# You can use: $(openssl rand -hex 32) to generate one
ENCRYPTION_KEY:
# Set the below to use it intead of API Key for the API & use as an auth for cronjobs
# Set the below to use it instead of API Key for the API & use as an auth for cronjobs
# You can use: $(openssl rand -hex 32) to generate a secure one
# CRON_SECRET:
CRON_SECRET:
############################################# OPTIONAL (ENTERPRISE EDITION) #############################################
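Review bot: the comment above the now-active `CRON_SECRET:` key still reads as an opt-in ("Set the below to use it instead of API Key ..."), which no longer matches a variable that must be set. Say that it is mandatory, as `.env.example` does with `# Cron Secret (mandatory)`, so someone editing this file by hand does not leave it blank.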

View File

@@ -150,6 +150,9 @@ EOT
encryption_key=$(openssl rand -hex 32) && sed -i "/ENCRYPTION_KEY:$/s/ENCRYPTION_KEY:.*/ENCRYPTION_KEY: $encryption_key/" docker-compose.yml
echo "🚗 ENCRYPTION_KEY updated successfully!"
cron_secret=$(openssl rand -hex 32) && sed -i "/CRON_SECRET:$/s/CRON_SECRET:.*/CRON_SECRET: $cron_secret/" docker-compose.yml
echo "🚗 CRON_SECRET updated successfully!"
if [[ -n $mail_from ]]; then
sed -i "s|# MAIL_FROM:|MAIL_FROM: \"$mail_from\"|" docker-compose.yml
sed -i "s|# SMTP_HOST:|SMTP_HOST: \"$smtp_host\"|" docker-compose.yml
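Review bot: the `echo "🚗 CRON_SECRET updated successfully!"` line runs unconditionally, whether or not `openssl` produced a value and whether or not `sed` found a `CRON_SECRET:` line to replace (`sed` returns success on no match). With the variable now required, a silent miss here only shows up later as a failed application start. Check the result before printing, for example by testing that `docker-compose.yml` contains `CRON_SECRET: ` followed by a non-empty value, and exit with an error otherwise. The same applies to the existing `ENCRYPTION_KEY` line above it.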

View File

@@ -11,7 +11,7 @@ export const env = createEnv({
AZUREAD_CLIENT_ID: z.string().optional(),
AZUREAD_CLIENT_SECRET: z.string().optional(),
AZUREAD_TENANT_ID: z.string().optional(),
CRON_SECRET: z.string().optional(),
CRON_SECRET: z.string().min(1),
CUSTOMER_IO_API_KEY: z.string().optional(),
CUSTOMER_IO_SITE_ID: z.string().optional(),
DATABASE_URL: z.string().url(),
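Review bot: `CRON_SECRET: z.string().min(1)` accepts a one-character secret, although every doc change in this commit tells users to generate it with `openssl rand -hex 32` (64 hex characters). Raising the minimum length to something in line with that guidance would turn weak values into a startup error. The change from `.optional()` also makes existing deployments that never set the variable fail validation after upgrading, so it should be called out in the release notes or upgrade guide.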