fix(deploy): let app own secret key — remove STEWARD_SECRET_KEY from deploy compose
CI / lint (push) Successful in 3s
CI / unit (push) Successful in 7s
CI / integration (push) Successful in 2m13s
CI / publish (push) Successful in 4s

The app auto-generates a key on first boot and persists it to /data/secret.key,
which the app_data volume keeps across image updates. No reason to surface this
as a user-facing env var in the deploy compose. Removed from .env.example too.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-06-05 11:28:53 -04:00
parent ef6c90c022
commit 98edb12abb
2 changed files with 3 additions and 5 deletions
-1
View File
@@ -1,7 +1,6 @@
# Copy to .env for Docker / local development secrets
# These override values in config.yaml
STEWARD_SECRET_KEY=change-me
STEWARD_DATABASE_URL=postgresql+asyncpg://steward:password@localhost/steward
STEWARD_SMTP__PASSWORD=