maximus/vps-health-api
1
0
Fork 0
Code Issues 2 Pull requests 1 Projects Releases Packages Wiki Activity Actions
vps-health-api/.env.example
le king fu 9510e96231 docs: warn HEALTH_TOKEN must be runtime-only on Coolify 
Add inline warning in .env.example and CLAUDE.md Auth section:
HEALTH_TOKEN is read at runtime only — passing it as Coolify build ARG
leaks the secret in clear in application_deployment_queues.logs.

Refs #4

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 15:54:07 -04:00

6 lines
348 B
Text
Raw Blame History

PORT=3001
# HEALTH_TOKEN is read at runtime only (process.env at startup).
# On Coolify: MUST be is_runtime=true, is_buildtime=false.
# Buildtime ARG leaks the secret in clear in application_deployment_queues.logs.
HEALTH_TOKEN=change-me-to-a-strong-secret
LOGTO_HEALTH_URL=https://auth.lacompagniemaximus.com/oidc/.well-known/openid-configuration
Reference in a new issue View git blame Copy permalink