auto generate ovis cookie secret

2026-03-31 18:00:18 +02:00 · 2026-03-27 10:13:50 +01:00
parent c8bb9259db
commit 9ca6d0f178
2 changed files with 3 additions and 2 deletions
--- a/ccp/modules/ovis-compose.yml
+++ b/ccp/modules/ovis-compose.yml
@@ -11,7 +11,7 @@ services:
      - OAUTH2_PROXY_OIDC_ISSUER_URL=${OIDC_PRIVATE_URL}
      - OAUTH2_PROXY_CLIENT_ID=${OIDC_PRIVATE_CLIENT_ID}
      - OAUTH2_PROXY_CLIENT_SECRET=${OIDC_CLIENT_SECRET}
-      - OAUTH2_PROXY_COOKIE_SECRET=${IDMANAGER_AUTH_COOKIE_SECRET}
+      - OAUTH2_PROXY_COOKIE_SECRET=${OVIS_AUTH_COOKIE_SECRET}
      - OAUTH2_PROXY_COOKIE_NAME=_BRIDGEHEAD_oauth2_ovis
      - OAUTH2_PROXY_COOKIE_DOMAINS=.${HOST}
      - OAUTH2_PROXY_COOKIE_REFRESH=4m
--- a/ccp/modules/ovis-setup.sh
+++ b/ccp/modules/ovis-setup.sh
@@ -4,4 +4,5 @@ if [ -n "$ENABLE_OVIS" ]; then
  log INFO "OVIS setup detected -- will start OVIS services with local oauth2-proxy middleware."
  OVERRIDE+=" -f ./$PROJECT/modules/ovis-compose.yml"
  add_private_oidc_redirect_url "/oauth2-ovis/callback"
-fi
+  OVIS_AUTH_COOKIE_SECRET="$(generate_simple_password 'ovisCookieSecret' | head -c 16)"
+fi