opensource/supermq
1
0
Fork 0
mirror of https://github.com/absmach/supermq.git synced 2026-06-23 07:20:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

NOISSUE - Sync with SMQ

Browse Source 
Signed-off-by: dusan <borovcanindusan1@gmail.com>
This commit is contained in:
dusan
2025-12-26 18:20:22 +01:00
parent 99e2c7aec4
commit 845cf4c75e
4 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker/supermq-docker/.env
+2 -1
View File
@@ -101,7 +101,8 @@ SMQ_AUTH_DB_SSL_ROOT_CERT=
SMQ_AUTH_ACCESS_TOKEN_DURATION="1h"
SMQ_AUTH_REFRESH_TOKEN_DURATION="24h"
SMQ_AUTH_KEYS_ALGORITHM="EdDSA"
SMQ_AUTH_KEYS_PRIVATE_KEY_PATH="./ssl/keys/private.key"
SMQ_AUTH_KEYS_ACTIVE_KEY_PATH="./keys/active.key"
SMQ_AUTH_KEYS_RETIRING_KEY_PATH="./keys/retiring.key"
SMQ_AUTH_INVITATION_DURATION="168h"
SMQ_AUTH_ADAPTER_INSTANCE_ID=
SMQ_AUTH_CACHE_URL=redis://auth-redis:${SMQ_REDIS_TCP_PORT}/0
docker/supermq-docker/docker-compose.yaml
+11 -5
View File
@@ -121,7 +121,8 @@ services:
SMQ_AUTH_ACCESS_TOKEN_DURATION: ${SMQ_AUTH_ACCESS_TOKEN_DURATION}
SMQ_AUTH_REFRESH_TOKEN_DURATION: ${SMQ_AUTH_REFRESH_TOKEN_DURATION}
SMQ_AUTH_KEYS_ALGORITHM: ${SMQ_AUTH_KEYS_ALGORITHM}
SMQ_AUTH_KEYS_PRIVATE_KEY_PATH: ${SMQ_AUTH_KEYS_PRIVATE_KEY_PATH:+/keys/private.key}
SMQ_AUTH_KEYS_ACTIVE_KEY_PATH: ${SMQ_AUTH_KEYS_ACTIVE_KEY_PATH:+/keys/active.key}
SMQ_AUTH_KEYS_RETIRING_KEY_PATH: ${SMQ_AUTH_KEYS_RETIRING_KEY_PATH:+/keys/retiring.key}
## Compose supports parameter expansion in environment,
## Eg: ${VAR:+replacement} or ${VAR+replacement} -> replacement if VAR is set and non-empty, otherwise empty
## Eg :${VAR:-default} or ${VAR-default} -> value of VAR if set and non-empty, otherwise default
@@ -152,11 +153,16 @@ services:
volumes:
- ./spicedb/schema.zed:${SMQ_SPICEDB_SCHEMA_FILE}
- supermq-pat-db-volume:/supermq-data
- supermq-auth-keys-volume:/keys
# Auth private key file
# Auth active private key file
- type: bind
source: ${SMQ_AUTH_KEYS_PRIVATE_KEY_PATH:-ssl/certs/dummy/private_key}
target: /keys/private.key
source: ${SMQ_AUTH_KEYS_ACTIVE_KEY_PATH}
target: /keys/active.key
read_only: true
# Auth retiring private key file (optional, for key rotation)
- type: bind
source: ${SMQ_AUTH_KEYS_RETIRING_KEY_PATH:-ssl/certs/dummy/retiring_key}
target: /keys/retiring${SMQ_AUTH_KEYS_RETIRING_KEY_PATH:+.key}
read_only: true
bind:
create_host_path: true
# Auth gRPC mTLS server certificates
docker/supermq-docker/ssl/keys/private.key → docker/supermq-docker/keys/active.key
View File
docker/supermq-docker/keys/retiring.key
+3
View File
@@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIE9Qu5lN6KOfdO14XJUClM1UPrqT55BczLMcRuSG7Ziy
-----END PRIVATE KEY-----