Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit08ba333

Browse files
committed
new: add configuration of node service communication encryption
1 parentd7f7b61 commit08ba333

File tree

8 files changed

+40
-2
lines changed

8 files changed

+40
-2
lines changed

‎deploy/docker/README.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,8 @@ Image can be configured by setting environment variables.
4444
|`LOWCODER_API_RATE_LIMIT`| Number of max Request per Second|`100`|
4545
|`LOWCODER_API_SERVICE_URL`| Lowcoder API service URL|`http://localhost:8080`|
4646
|`LOWCODER_NODE_SERVICE_URL`| Lowcoder Node service (js executor) URL|`http://localhost:6060`|
47+
|`LOWCODER_NODE_SERVICE_SECRET`| Secret used for encrypting communication between API service and Node service - CHANGE IT!||
48+
|`LOWCODER_NODE_SERVICE_SALT`| Salt used for encrypting communication between API service and Node service - CHANGE IT!||
4749
|`LOWCODER_MAX_ORGS_PER_USER`| Default maximum organizations per user|`100`|
4850
|`LOWCODER_MAX_MEMBERS_PER_ORG`| Default maximum members per organization|`1000`|
4951
|`LOWCODER_MAX_GROUPS_PER_ORG`| Default maximum groups per organization|`100`|
@@ -128,6 +130,8 @@ Image can be configured by setting environment variables.
128130
|`LOWCODER_COOKIE_NAME`| Name of the lowcoder application cookie|`LOWCODER_CE_SELFHOST_TOKEN`|
129131
|`LOWCODER_COOKIE_MAX_AGE`| Lowcoder application cookie max age in hours|`24`|
130132
|`LOWCODER_APP_SNAPSHOT_RETENTIONTIME`| Application snapshots retention time in days|`30`|
133+
|`LOWCODER_NODE_SERVICE_SECRET`| Secret used for encrypting communication between API service and Node service - CHANGE IT!||
134+
|`LOWCODER_NODE_SERVICE_SALT`| Salt used for encrypting communication between API service and Node service - CHANGE IT!||
131135

132136
Also you should set the API-KEY secret, whcih should be a string of at least 32 random characters. (from Lowcoder v2.3.x on)
133137
On linux/mac, generate one eg. with: head /dev/urandom | head -c 30 | shasum -a 256
@@ -172,6 +176,8 @@ Image can be configured by setting environment variables.
172176
|`LOWCODER_PUID`| ID of user running services. It will own all created logs and data.|`9001`|
173177
|`LOWCODER_PGID`| ID of group of the user running services.|`9001`|
174178
|`LOWCODER_API_SERVICE_URL`| Lowcoder API service URL|`http://localhost:8080`|
179+
|`LOWCODER_NODE_SERVICE_SECRET`| Secret used for encrypting communication between API service and Node service - CHANGE IT!||
180+
|`LOWCODER_NODE_SERVICE_SALT`| Salt used for encrypting communication between API service and Node service - CHANGE IT!||
175181

176182
##Building web frontend image
177183

‎deploy/docker/default.env

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,14 @@ LOWCODER_API_SERVICE_URL="http://localhost:8080"
105105
# Lowcoder Node service URL
106106
LOWCODER_NODE_SERVICE_URL="http://localhost:6060"
107107

108+
#
109+
# ! PLEASE CHANGE THESE TO SOMETHING UNIQUE !
110+
#
111+
# Secret and salt used for encrypting comunication between API service and NODE service
112+
#
113+
LOWCODER_NODE_SERVICE_SECRET="62e348319ab9f5c43c3b5a380b4d82525cdb68740f21140e767989b509ab0aa2"
114+
LOWCODER_NODE_SERVICE_SECRET_SALT="lowcoder.org"
115+
108116
##
109117
## Frontend parameters
110118
##

‎deploy/helm/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,10 @@ description: A Helm chart for Kubernetes for installing lowcoder
44

55
type:application
66
# Chart version (change every time you make changes to the chart)
7-
version:2.6.6
7+
version:2.7.0
88

99
# Lowcoder version
10-
appVersion:"2.6.6"
10+
appVersion:"2.7.0"
1111

1212
# Dependencies needed for Lowcoder deployment
1313
dependencies:

‎deploy/helm/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,8 @@ $ helm delete -n lowcoder my-lowcoder
6161
|`global.config.snapshotRetentionTime`| Lowcoder application snapshot retention time (in days)|`30`|
6262
|`global.config.marketplacePrivateMode`| Controls whether to show Apps on the local Marketplace to anonymous users|`true`|
6363
|`global.config.nodeServiceUrl`| URL to node-service server if using external one (disabled by default)||
64+
|`global.config.nodeServiceSecret`| Secret used for encrypting traffic between API service and Node service - CHANGE IT!||
65+
|`global.config.nodeServiceSalt`| Salt used for encrypting traffic between API service and Node service - CHANGE IT!||
6466
|`global.config.apiServiceUrl`| URL to api-service server if using external one (disabled by default)||
6567
|`global.cookie.name`| Name of the lowcoder application cookie|`LOWCODER_CE_SELFHOST_TOKEN`|
6668
|`global.cookie.maxAge`| Lowcoder application cookie max age in hours|`24`|

‎deploy/helm/templates/api-service/secrets.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,3 +31,6 @@ stringData:
3131
LOWCODER_API_KEY_SECRET:"{{ .Values.global.config.apiKeySecret }}"
3232
LOWCODER_SUPERUSER_USERNAME:{{ .Values.global.config.superuser.username | default "admin@localhost" | quote }}
3333
LOWCODER_SUPERUSER_PASSWORD:{{ .Values.global.config.superuser.password | default "" | quote }}
34+
LOWCODER_NODE_SERVICE_SECRET:{{ .values.global.config.nodeServiceSecret | default "62e348319ab9f5c43c3b5a380b4d82525cdb68740f21140e767989b509ab0aa2" | quote }}
35+
LOWCODER_NODE_SERVICE_SECRET_SALT:{{ .values.global.config.nodeServiceSalt | default "lowcoder.org" | quote }}
36+

‎deploy/helm/templates/node-service/deployment.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,8 @@ spec:
3636
envFrom:
3737
-configMapRef:
3838
name:{{ include "lowcoder.fullname" . }}-node-service
39+
-secretRef:
40+
name:{{ include "lowcoder.fullname" . }}-node-service
3941
ports:
4042
-name:lowcoder-node
4143
containerPort:6060
Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
apiVersion:v1
2+
kind:Secret
3+
type:Opaque
4+
metadata:
5+
name:{{ include "lowcoder.fullname" . }}-node-service
6+
labels:
7+
{{- include "lowcoder.labels" . | nindent 4 }}
8+
{{- with .Values.annotations }}
9+
annotations:
10+
{{- toYaml . | nindent 4 }}
11+
{{- end }}
12+
stringData:
13+
LOWCODER_NODE_SERVICE_SECRET:{{ .values.global.config.nodeServiceSecret | default "62e348319ab9f5c43c3b5a380b4d82525cdb68740f21140e767989b509ab0aa2" | quote }}
14+
LOWCODER_NODE_SERVICE_SECRET_SALT:{{ .values.global.config.nodeServiceSalt | default "lowcoder.org" | quote }}
15+

‎deploy/helm/values.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,8 @@ global:
3131
#nodeServiceUrl:
3232
#apiServiceUrl:
3333
apiKeySecret:"5a41b090758b39b226603177ef48d73ae9839dd458ccb7e66f7e7cc028d5a50b"
34+
nodeServiceSecret:"62e348319ab9f5c43c3b5a380b4d82525cdb68740f21140e767989b509ab0aa2"
35+
nodeServiceSalt:"lowcoder.org"
3436
maxQueryTimeout:120
3537
maxRequestSize:"20m"
3638
snapshotRetentionTime:30

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp