FIX: Use sessionKeysFile for Zot OIDC session encryption
- Change from hashKeyFile/blockKeyFile inside sessionDriver to sessionKeysFile at auth config level - Update ExternalSecret to generate session-keys.json with both hashKey and encryptKey in correct JSON format - Fix securecookie validation error during OIDC callback
This commit is contained in:
@@ -100,11 +100,8 @@ persistence:
|
||||
type: secret
|
||||
name: zot-session-keys
|
||||
globalMounts:
|
||||
- path: /etc/zot/session-hashkey
|
||||
subPath: hashKey
|
||||
readOnly: true
|
||||
- path: /etc/zot/session-blockkey
|
||||
subPath: blockKey
|
||||
- path: /etc/zot/session-keys.json
|
||||
subPath: session-keys.json
|
||||
readOnly: true
|
||||
|
||||
configMaps:
|
||||
@@ -146,12 +143,11 @@ configMaps:
|
||||
}
|
||||
}
|
||||
},
|
||||
"sessionKeysFile": "/etc/zot/session-keys.json",
|
||||
"sessionDriver": {
|
||||
"name": "redis",
|
||||
"url": "redis://authelia-redis-master.authelia.svc.cluster.local:6379",
|
||||
"keyprefix": "zot",
|
||||
"hashKeyFile": "/etc/zot/session-hashkey",
|
||||
"blockKeyFile": "/etc/zot/session-blockkey"
|
||||
"keyprefix": "zot"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user