From c58d2e44313e2cf775d3ed407bccedc3993eb364 Mon Sep 17 00:00:00 2001 From: VitorPorf Date: Tue, 24 Mar 2026 10:55:58 -0300 Subject: [PATCH 1/2] fix(root): generate encryption envs in setup-env-files script --- scripts/setup-env-files.js | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/scripts/setup-env-files.js b/scripts/setup-env-files.js index 9068c458ef9..7be2a4a03be 100644 --- a/scripts/setup-env-files.js +++ b/scripts/setup-env-files.js @@ -1,25 +1,35 @@ +const crypto = require('crypto'); const fs = require('fs'); const path = require('path'); -const prePopulateEnv = (apps, folderBasePath, exampleEnvFilePath = 'src/.example.env', envFilePath = 'src/.env') => { +const ENCRYPTION_KEY_PLACEHOLDER = ''; + +const generateEncryptionKey = () => crypto.randomBytes(16).toString('hex'); + +const prePopulateEnv = (apps, folderBasePath, exampleEnvFilePath = 'src/.example.env', envFilePath = 'src/.env', sharedEncryptionKey) => { console.log(`Pre-populating .env files from .example.env for [${apps.join(',')}]`); for (const folder of apps) { - const exists = fs.existsSync(path.resolve(`${folderBasePath}/${folder}/${envFilePath}`)); + const destPath = path.resolve(`${folderBasePath}/${folder}/${envFilePath}`); + const exists = fs.existsSync(destPath); if (!exists) { console.log(`Populating ${folderBasePath}/${folder} with .env file`); - fs.copyFileSync( - path.resolve(`${folderBasePath}/${folder}/${exampleEnvFilePath}`), - path.resolve(`${folderBasePath}/${folder}/${envFilePath}`) - ); + const sourcePath = path.resolve(`${folderBasePath}/${folder}/${exampleEnvFilePath}`); + let content = fs.readFileSync(sourcePath, 'utf8'); + if (content.includes(ENCRYPTION_KEY_PLACEHOLDER) && sharedEncryptionKey) { + content = content.replace(ENCRYPTION_KEY_PLACEHOLDER, sharedEncryptionKey); + console.log(` Generated STORE_ENCRYPTION_KEY for ${folder}`); + } + fs.writeFileSync(destPath, content); } } }; (async () => { const appsBasePath = `${__dirname}/../apps`; + const sharedEncryptionKey = generateEncryptionKey(); console.log('----------------------------------------'); - prePopulateEnv(['api', 'ws', 'worker'], appsBasePath); - prePopulateEnv(['dashboard'], appsBasePath, '.example.env', '.env'); + prePopulateEnv(['api', 'ws', 'worker'], appsBasePath, 'src/.example.env', 'src/.env', sharedEncryptionKey); + prePopulateEnv(['dashboard'], appsBasePath, '.example.env', '.env', sharedEncryptionKey); console.log('Finished populating .env files'); console.log('----------------------------------------'); })(); From 2865a5ccac92c3666d701f4c8f10a7ab99f776d9 Mon Sep 17 00:00:00 2001 From: VitorPorf Date: Mon, 6 Apr 2026 18:22:51 -0300 Subject: [PATCH 2/2] Fixed setup-env-files.js to use replaceAll instead of replace when substituting the placeholder. --- scripts/setup-env-files.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/setup-env-files.js b/scripts/setup-env-files.js index 7be2a4a03be..64811b2648d 100644 --- a/scripts/setup-env-files.js +++ b/scripts/setup-env-files.js @@ -16,7 +16,7 @@ const prePopulateEnv = (apps, folderBasePath, exampleEnvFilePath = 'src/.example const sourcePath = path.resolve(`${folderBasePath}/${folder}/${exampleEnvFilePath}`); let content = fs.readFileSync(sourcePath, 'utf8'); if (content.includes(ENCRYPTION_KEY_PLACEHOLDER) && sharedEncryptionKey) { - content = content.replace(ENCRYPTION_KEY_PLACEHOLDER, sharedEncryptionKey); + content = content.replaceAll(ENCRYPTION_KEY_PLACEHOLDER, sharedEncryptionKey); console.log(` Generated STORE_ENCRYPTION_KEY for ${folder}`); } fs.writeFileSync(destPath, content);