From 811a400a014b4c28b9e7e5792de714ab97bc85cc Mon Sep 17 00:00:00 2001
From: Quentin Duchemin <quentinduchemin@tuta.io>
Date: Sun, 16 Aug 2020 20:12:20 +0200
Subject: [PATCH] [Lufi] Not sure about KEY_COOKIE injection, change to env
 variable

---
 pica-lufi/entrypoint.sh                | 5 +----
 pica-lufi/secrets/lufi.secrets.example | 3 +++
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pica-lufi/entrypoint.sh b/pica-lufi/entrypoint.sh
index 3a7149c6..50108dce 100644
--- a/pica-lufi/entrypoint.sh
+++ b/pica-lufi/entrypoint.sh
@@ -20,9 +20,6 @@ if [ -z "${POSTGRES_PASSWORD}" ]; then
   exit 1
 fi
 
-echo "Generate secret key for cookies..."
-key=`tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 48 | head -n 1`
-
 echo "Create crontab for cleaning tasks..."
 
 # See https://framagit.org/fiat-tux/hat-softwares/lufi/-/wikis/cron-jobs
@@ -33,7 +30,7 @@ echo "0 0 * * * carton exec $APP_HOME/script/lufi cron cleanfiles --mode product
 
 
 echo "Start Lufi..."
-KEY_COOKIE=${key} $@ &
+$@ &
 
 echo "Start supercronic..."
 supercronic /crontab.conf
diff --git a/pica-lufi/secrets/lufi.secrets.example b/pica-lufi/secrets/lufi.secrets.example
index 4616ce95..b4059f37 100644
--- a/pica-lufi/secrets/lufi.secrets.example
+++ b/pica-lufi/secrets/lufi.secrets.example
@@ -1 +1,4 @@
 EMAIL_PASSWORD=password
+# Generate one with the following command :
+# tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 48 | head -n 1
+KEY_COOKIE=
-- 
GitLab