refactor(config): enforce runtime auth secret policy

2026-03-30 23:40:00 +02:00
parent 7bcc831b5c
commit a7362f17bd
8 changed files with 181 additions and 8 deletions
@@ -52,10 +52,10 @@ services:
    ports:
      - "3100:3100"
    environment:
-      DATABASE_URL: postgresql://capakraken:capakraken_dev@postgres:5432/capakraken
-      REDIS_URL: redis://redis:6379
-      NEXTAUTH_URL: http://localhost:3100
-      NEXTAUTH_SECRET: dev-secret-change-in-production
+      DATABASE_URL: ${DATABASE_URL:-postgresql://capakraken:capakraken_dev@postgres:5432/capakraken}
+      REDIS_URL: ${REDIS_URL:-redis://redis:6379}
+      NEXTAUTH_URL: ${NEXTAUTH_URL:-http://localhost:3100}
+      NEXTAUTH_SECRET: ${NEXTAUTH_SECRET:?set NEXTAUTH_SECRET}
    depends_on:
      postgres:
        condition: service_healthy
@@ -64,7 +64,7 @@ services:
    volumes:
      - .:/app
      - /app/node_modules
-      - /app/.next
+      - /app/apps/web/.next
    profiles:
      - full