Trek_CN/server
jubnl 871bfd7dfd
fix: make ENCRYPTION_KEY optional with backwards-compatible fallback
process.exit(1) when ENCRYPTION_KEY is unset was a breaking change for
existing installs — a plain git pull would prevent the server from
starting.

Replace with a three-step fallback:
  1. ENCRYPTION_KEY env var (explicit, takes priority)
  2. data/.jwt_secret (existing installs: encrypted data stays readable
     after upgrade with zero manual intervention)
  3. data/.encryption_key auto-generated on first start (fresh installs)

A warning is logged when falling back to the JWT secret so operators
are nudged toward setting ENCRYPTION_KEY explicitly.

Update README env table and Docker Compose comment to reflect that
ENCRYPTION_KEY is recommended but no longer required.
2026-04-01 09:50:17 +02:00
..
public Merge branch 'perf-test' of https://github.com/jubnl/TREK into dev 2026-03-31 23:10:02 +02:00
scripts feat: add encryption key migration script and document it in README 2026-04-01 09:35:32 +02:00
src fix: make ENCRYPTION_KEY optional with backwards-compatible fallback 2026-04-01 09:50:17 +02:00
.env.example fix: add SSRF protection for link preview and Immich URL 2026-04-01 07:59:03 +02:00
package-lock.json Merge branch 'pr-125' 2026-03-30 23:10:34 +02:00
package.json Merge branch 'pr-125' 2026-03-30 23:10:34 +02:00
reset-admin.js Stabilize core: better-sqlite3, versioned migrations, graceful shutdown 2026-03-22 17:52:24 +01:00
tsconfig.json some fixes 2026-03-30 06:59:24 +02:00