author Andrew Godwin 2022-12-15 16:02:37 -0700
committer Andrew Godwin 2022-12-15 16:02:37 -0700
commit 1a7ffb4bff69aa32dc898c650215cba405031202
tree 95378258d6acae6b9bb386731f841d3421f5375c
parent f55a00ecef6d9b4047ea483df881eff9066370bf
Add a big warning to secret_key now it's important
-rw-r--r-- docs/installation.rst 8
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/installation.rst b/docs/installation.rst
index 3fdda0d..003da03 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -74,6 +74,14 @@ be provided to the containers from the first boot.
* ``TAKAHE_SECRET_KEY`` must be a fixed, random value (it's used for internal
cryptography). Don't change this unless you want to invalidate all sessions.
+ .. warning::
+
+ You **must** keep the value of ``TAKAHE_SECRET_KEY`` unique and secret. Anyone
+ with this value can modify their session to impersonate any user, including
+ admins. It should be kept even more secure than your admin passwords, and
+ should be long, random and completely unguessable. We recommend that it is
+ at least 64 characters.
+
* ``TAKAHE_MEDIA_BACKEND`` must be a URI starting with ``local://``, ``s3://``
or ``gcs://``. See :ref:`media_configuration` below for more.
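Review bot: the added warning asks for a value that is "long, random and completely unguessable" and "at least 64 characters" but does not say how to produce one, so an operator may type it by hand or copy a value from an example. Suggest adding a sentence that the value should come from a cryptographically secure generator (for instance Python's ``secrets.token_urlsafe``) and should not be committed to version control alongside the rest of the configuration. The warning also does not say what to do if the value is exposed: the context line above it only notes that changing the key invalidates all sessions, so it is worth stating that rotating the key is the expected response to a leak and that the session invalidation is the intended effect in that case.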