Fimeg/Redflag
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
95f70bd9bb63daa120f1823cdb1a7b1745125c25
Redflag/config/.env.bootstrap.example
Fimeg 3f9164c7ca fix: complete security vulnerability remediation 
Critical Security Fixes:
- Fix JWT secret derivation vulnerability - replace deriveJWTSecret with cryptographically secure GenerateSecureToken
- Secure setup interface - remove JWT secret display and API response exposure
- Fix database migration 012 parameter naming conflict in mark_registration_token_used function
- Restore working Docker Compose environment variable configuration

Security Impact:
- Eliminates system-wide compromise risk from admin credential exposure
- Removes sensitive JWT secret exposure during setup process
- Ensures cryptographically secure JWT token generation
- Fixes agent registration and token creation functionality

Testing:
- Agent registration working properly
- Token consumption tracking functional
- Registration tokens created without 500 errors
- Secure JWT secret generation verified
2025-10-31 10:41:04 -04:00

27 lines
663 B
Plaintext
Raw Blame History

# RedFlag Bootstrap Configuration
# Copy this to ./config/.env and edit the values below
# PostgreSQL Configuration
POSTGRES_DB=redflag
POSTGRES_USER=redflag
POSTGRES_PASSWORD=redflag_bootstrap
# RedFlag Server Configuration
REDFLAG_SERVER_HOST=0.0.0.0
REDFLAG_SERVER_PORT=8080
REDFLAG_DB_HOST=postgres
REDFLAG_DB_PORT=5432
REDFLAG_DB_NAME=redflag
REDFLAG_DB_USER=redflag
REDFLAG_DB_PASSWORD=redflag_bootstrap
# Admin Configuration
REDFLAG_ADMIN_USER=admin
REDFLAG_ADMIN_PASSWORD=CHANGE_ME_ADMIN_PASSWORD
REDFLAG_JWT_SECRET=CHANGE_ME_JWT_SECRET_AT_LEAST_32_CHARS_LONG
# Token Configuration
REDFLAG_TOKEN_EXPIRY=24h
REDFLAG_MAX_TOKENS=100
REDFLAG_MAX_SEATS=10
Reference in New Issue View Git Blame Copy Permalink