Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SECRET issue #88

Open
7aklhz opened this issue Feb 22, 2022 · 3 comments · May be fixed by #147
Open

SECRET issue #88

7aklhz opened this issue Feb 22, 2022 · 3 comments · May be fixed by #147

Comments

@7aklhz
Copy link

7aklhz commented Feb 22, 2022

Hi,

I have installed calcom using Docker and when I open my app url, I get errors concerning missing secret
[next-auth][error][NO_SECRET] 2022-02-22T16:26:01.391583752Z https://next-auth.js.org/errors#no_secret Please define a secretin production. MissingSecret [MissingSecretError]: Please define asecret in production. 2022-02-22T16:26:01.391591995Z at assertConfig (/calcom/node_modules/next-auth/core/lib/assert.js:24:14) 2022-02-22T16:26:01.391598403Z at NextAuthHandler (/calcom/node_modules/next-auth/core/index.js:34:52) 2022-02-22T16:26:01.391602445Z at NextAuthNextHandler (/calcom/node_modules/next-auth/next/index.js:20:51) 2022-02-22T16:26:01.391606251Z at /calcom/node_modules/next-auth/next/index.js:56:38 2022-02-22T16:26:01.391609921Z at Object.apiResolver (/calcom/node_modules/next/dist/server/api-utils.js:101:15) 2022-02-22T16:26:01.391613598Z at runMicrotasks (<anonymous>) 2022-02-22T16:26:01.391617710Z at processTicksAndRejections (internal/process/task_queues.js:95:5) 2022-02-22T16:26:01.391621376Z at async NextNodeServer.runApi (/calcom/node_modules/next/dist/server/next-server.js:319:9) 2022-02-22T16:26:01.391625003Z at async Object.fn (/calcom/node_modules/next/dist/server/base-server.js:486:37) 2022-02-22T16:26:01.391628618Z at async Router.execute (/calcom/node_modules/next/dist/server/router.js:228:32) { 2022-02-22T16:26:01.391632681Z code: 'NO_SECRET'

I tried adding ' NEXTAUTH_SECRET' in env variables but it did not work.

Any ideas ?
@drestrepob
Copy link

drestrepob commented Apr 4, 2022
edited
Loading

Were you able to get this fixed?

@alonsomoya
Copy link

I faced the same, and managed to fix it by adding all envars from https://github.com/calcom/cal.com/blob/main/.env.example

      - env:
        - name: POSTGRES_USER
          value: postgres
        - name: POSTGRES_PASSWORD
          value: XXXX
        - name: POSTGRES_DB
          value: calendso
        - name: DATABASE_HOST
          value: postgres-postgresql.postgres.svc.cluster.local:5432
        - name: DATABASE_URL
          value: postgresql://postgres:XXXX@postgres-postgresql.postgres.svc.cluster.local:5432
        - name: BASE_URL
          value: http://localhost:3000
        - name: NEXT_PUBLIC_WEBAPP_URL
          value: http://localhost:3000
        - name: NEXT_PUBLIC_APP_URL
          value: http://localhost:3000
        - name: NEXTAUTH_URL
          value: http://localhost:3000
        - name: NEXT_PUBLIC_LICENSE_CONSENT
        - name: LICENSE
        - name: NODE_ENV
          value: production
        - name: MS_GRAPH_CLIENT_ID
        - name: MS_GRAPH_CLIENT_SECRET
        - name: ZOOM_CLIENT_ID
        - name: ZOOM_CLIENT_SECRET
        - name: SAML_DATABASE_URL
        - name: SAML_ADMINS
        - name: PGSSLMODE
        - name: JWT_SECRET
          value: secret
        - name: NEXTAUTH_COOKIE_DOMAIN
          value: .example.com
        - name: CALENDSO_ENCRYPTION_KEY
        - name: NEXT_PUBLIC_INTERCOM_APP_ID
        - name: NEXT_PUBLIC_ZENDESK_KEY
        - name: NEXT_PUBLIC_HELPSCOUT_KEY
        - name: NEXT_PUBLIC_IS_E2E
        - name: EMAIL_FROM
          value: mail@example.com

@krumware
Copy link
Member

please try again with latest instructions

Leopere pushed a commit to Leopere/calcom-docker that referenced this issue Aug 1, 2022
Significant Refactor.
73b2e61 
- added numerous environment variable changes such as implied defaults that can be overriden.
- skipped out on using git modules and just pull repo into build/launch step.  Adherance to license requires no repackaging and this solves this.
- cleaned up now unnecessary .env file.
- recycled environment section using yaml features.
- writing a few strings to config path to persist data between container starts that focus on cryptography and secrets.
- writing installed commit to the config path in case the end user needs to change the upstream git commit ID to a newer version for detection and automagic upgrades.
- added docker-compose.override.yml pattern to .gitignore to allow users to customize their local dev environment if they use docker-compose.yml
- wrote a dockerfile/container image which allows for uploading the base container to a private or public docker container registry without breaking the license rules.
- left .env ignore in case users wish to continue to use the old method.
- updated README.md to include updated simplified instructions.
- added start.sh script and wait-for-it.sh into the shell $PATH to allow for a potential future of allowing the main executable (node JS app) to run under a limited privilege user while still allowing the init scripts to be executed securely.
- added some input sanitation for certain critical variables.
- by default disabled/commented out the studio service as its not to typically be run to enforce better default deployment practices.  I would like to figure out what specific query to execute via the CLI instead of running a whole container to establish the first user in the end.
- wrote relatively unopinionated docker-compose.yml file to avoid causing problems for people trying to deploy this behind a reverse proxy for potential features such as TLS/HTTPS termination.
- upgraded compose version to latest '3.9' to be sure to enable most modern feature set.

Fixes calcom#87 by providing a working baseline with sober defaults.
Fixes calcom#88 by ensuring consistency across all containers Environment vars.
Fixes calcom#93 by allowing users to mount the application files within their IDE workspace, however, this will never solve for any times you will need to run yarn build steps.
Fixes calcom#99 by no longer using git submodules and just pulling a single commit depth copy of the ORIGIN repository on app bootstrap/first boot.
Fixes calcom#113 by no longer requiring build locally if the community maintainer of the Cal docker repository on GitHub will push this image to the hub.
Fixes calcom#121 by removing dependency on BuildKit this is done by simply deploying the app if its detected to be the first execution of this container be it due to no container persistence or a commit version upgrade from ORIGIN.
Fixes calcom#128 by removing dep on BuildKit
Fixes calcom#123 not replicatable and confirmed to be working in repository shipped state.
Fixes calcom#136 by building app on first launch from user define-able envvars which can be defined in numerous ways.
@Leopere Leopere linked a pull request Aug 1, 2022 that will close this issue
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Significant Refactor Leopere/calcom-docker
4 participants
@7aklhz @alonsomoya @krumware @drestrepob