feat: Add fallback for OC_URL_SIGNING_SECRET

When OC_URL_SIGNING_SECRET is not set. Fall back to the value of the reva transfer token. This allows handling upgrades on a instance that was created before the OC_URL_SIGNING_SECRET was introduced to be handled more graceful. Unfortunately this still only works reliably for single instance deployments (or instance that where bootstrapped using 'opencloud init') that are guaranteed to have the transfer token available. When running 'proxy' and 'ocdav' as separate services the upgrade might still require manual intervention.
2025-12-23 22:29:59 -05:00 · 2025-11-04 13:33:42 +01:00
parent 37609e52df
commit fcff855e16
1 changed files with 4 additions and 0 deletions
--- a/pkg/config/parser/parse.go
+++ b/pkg/config/parser/parse.go
@@ -103,6 +103,10 @@ func EnsureCommons(cfg *config.Config) {
 	// copy url signing secret to the commons part if set
 	if cfg.URLSigningSecret != "" {
 		cfg.Commons.URLSigningSecret = cfg.URLSigningSecret
+	} else {
+		// fall back to transfer secret for url signing secret to avoid
+		// issues when upgradin from an older release
+		cfg.Commons.URLSigningSecret = cfg.TransferSecret
 	}

 	// copy metadata user id to the commons part if set