diff --git a/modules/setting/lfs.go b/modules/setting/lfs.go index 140a96f9e..784a99582 100644 --- a/modules/setting/lfs.go +++ b/modules/setting/lfs.go @@ -53,6 +53,8 @@ func loadLFSFrom(rootCfg ConfigProvider) error { return nil } + LFS.JWTSecretBase64 = loadSecret(rootCfg.Section("lfs"), "LFS_JWT_SECRET_URI", "LFS_JWT_SECRET") + LFS.JWTSecretBytes = make([]byte, 32) n, err := base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64)) diff --git a/modules/setting/oauth2.go b/modules/setting/oauth2.go index 83c607a41..9113d72e8 100644 --- a/modules/setting/oauth2.go +++ b/modules/setting/oauth2.go @@ -116,6 +116,8 @@ func loadOAuth2From(rootCfg ConfigProvider) { return } + OAuth2.JWTSecretBase64 = loadSecret(rootCfg.Section("oauth2"), "JWT_SECRET_URI", "JWT_SECRET") + if !filepath.IsAbs(OAuth2.JWTSigningPrivateKeyFile) { OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile) } diff --git a/modules/setting/security.go b/modules/setting/security.go index c39eb7f3e..5f1f9f4ad 100644 --- a/modules/setting/security.go +++ b/modules/setting/security.go @@ -76,7 +76,7 @@ func loadSecret(sec ConfigSection, uriKey, verbatimKey string) string { // only file URIs are allowed default: - log.Fatal("Unsupported URI-Scheme %q (INTERNAL_TOKEN_URI = %q)", tempURI.Scheme, uri) + log.Fatal("Unsupported URI-Scheme %q (%q = %q)", tempURI.Scheme, uriKey, uri) return "" } }