From fcff855e16c5a4cb5765cb2166110534cb894662 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Tue, 4 Nov 2025 13:33:42 +0100 Subject: [PATCH] feat: Add fallback for OC_URL_SIGNING_SECRET When OC_URL_SIGNING_SECRET is not set. Fall back to the value of the reva transfer token. This allows handling upgrades on a instance that was created before the OC_URL_SIGNING_SECRET was introduced to be handled more graceful. Unfortunately this still only works reliably for single instance deployments (or instance that where bootstrapped using 'opencloud init') that are guaranteed to have the transfer token available. When running 'proxy' and 'ocdav' as separate services the upgrade might still require manual intervention. --- pkg/config/parser/parse.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/config/parser/parse.go b/pkg/config/parser/parse.go index ebd5e321fd..bc6c5eaf81 100644 --- a/pkg/config/parser/parse.go +++ b/pkg/config/parser/parse.go @@ -103,6 +103,10 @@ func EnsureCommons(cfg *config.Config) { // copy url signing secret to the commons part if set if cfg.URLSigningSecret != "" { cfg.Commons.URLSigningSecret = cfg.URLSigningSecret + } else { + // fall back to transfer secret for url signing secret to avoid + // issues when upgradin from an older release + cfg.Commons.URLSigningSecret = cfg.TransferSecret } // copy metadata user id to the commons part if set