feat(auth): support per-deploy login password key override
Multi-replica deployments need every Pod/container to share one RSA private key, otherwise public keys handed to the browser may not match the key that decrypts the resulting ciphertext. Introduce a `*.local.yaml` override layer that ops-config and tenant-config both load on top of the base config, ship example overrides plus compose/k3s wiring, and tolerate PEM bodies that arrive folded or escaped from Secrets.
This commit is contained in:
+4
-1
@@ -6,6 +6,8 @@ dist/
|
||||
.env
|
||||
.env.local
|
||||
.env.signing
|
||||
deploy/config.local.yaml
|
||||
deploy/ops-config.local.yaml
|
||||
apps/*/.env.signing
|
||||
apps/*/dist/
|
||||
apps/*/out/
|
||||
@@ -23,4 +25,5 @@ apps/*/firefox-mv*/
|
||||
*.tmp
|
||||
apps/*/stats.html
|
||||
ops-api
|
||||
tmp/*
|
||||
tmp/*
|
||||
*.pem
|
||||
|
||||
Reference in New Issue
Block a user