fix(security): harden self-hosted SECRET_KEY bootstrap (#36049)

Co-authored-by: EndlessLucky <66432853+EndlessLucky@users.noreply.github.com>
-LAN-
2026-05-12 13:35:24 +08:00
committed by GitHub
parent 1a93af5cd0
commit cbedcd2882
16 changed files with 209 additions and 84 deletions


@ -28,7 +28,8 @@ LANG=C.UTF-8
LC_ALL=C.UTF-8
PYTHONIOENCODING=utf-8
UV_CACHE_DIR=/tmp/.uv-cache
SECRET_KEY=sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U
# Leave empty to auto-generate a persistent key in the storage directory.
SECRET_KEY=
INIT_PASSWORD=
DEPLOY_ENV=PRODUCTION
CHECK_UPDATE_URL=https://updates.dify.ai
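Review bot: the new comment above the emptied `SECRET_KEY=` line says nothing to operators who copied the previous example value into a live `.env`, and those installs keep running with a key that was published in this file. Extend the comment to say that the former example value must be replaced. If the bootstrap code elsewhere in this change does not already do so, have it refuse to start or log a prominent warning when the configured key equals that old default. Emptying the example alone only protects new installs.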


@ -87,7 +87,7 @@ The root `.env.example` file contains the essential startup settings. Optional a
1. **Server Configuration**:
- `LOG_LEVEL`, `DEBUG`, `FLASK_DEBUG`: Logging and debug settings.
- `SECRET_KEY`: A key for encrypting session cookies and other sensitive data.
- `SECRET_KEY`: A key for signing sessions, JWTs, and file URLs. Leave it empty to let Dify generate a persistent key in the storage directory, or set a unique value yourself.
1. **Database Configuration**:
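Review bot: the rewritten `SECRET_KEY` bullet promises "a persistent key in the storage directory" but does not tell the reader what makes it persistent or what happens when it is lost. Since the same sentence states that the key signs sessions, JWTs, and file URLs, add that the storage directory has to be on a volume that survives container recreation and is shared by every service that verifies those signatures, and that a regenerated or changed key invalidates existing sessions, tokens and signed file URLs. For "set a unique value yourself", a short note on how to generate a sufficiently long random value would keep operators from picking a weak one.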


@ -36,5 +36,6 @@ TIDB_PUBLIC_KEY=dify
TIDB_PRIVATE_KEY=dify
VIKINGDB_ACCESS_KEY=your-ak
VIKINGDB_SECRET_KEY=your-sk
SECRET_KEY=sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U
# Leave empty to auto-generate a persistent key in the storage directory.
SECRET_KEY=
INIT_PASSWORD=
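Review bot: with `SECRET_KEY=` now empty here as well, every process started from this file takes the auto-generation path, and this hunk does not show how the generated key file is created. Please confirm that the bootstrap creates the file atomically (exclusive create, so that two processes starting against the same empty storage directory cannot each write a different key) and with owner-only permissions. If this file is only used for tests alongside the placeholder values around it (`your-ak`, `your-sk`), a comment saying so would make it clear that an ephemeral per-run key is the intended result.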