Files
geo/deploy/ops-config.local.yaml.example
T
root b939cfa2fa
Deployment Config CI / Deployment Config (push) Successful in 27s
Backend CI / Backend (push) Successful in 15m4s
feat(auth): support per-deploy login password key override
Multi-replica deployments need every Pod/container to share one RSA private key, otherwise public keys handed to the browser may not match the key that decrypts the resulting ciphertext. Introduce a `*.local.yaml` override layer that ops-config and tenant-config both load on top of the base config, ship example overrides plus compose/k3s wiring, and tolerate PEM bodies that arrive folded or escaped from Secrets.
2026-05-14 11:54:40 +08:00

9 lines
366 B
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
auth:
password_cipher:
enabled: true
key_id: ops-password-rsa-oaep-v1
# 建议与租户端使用不同私钥。复制本文件为 ops-config.local.yaml
# 所有 ops-api 副本必须读取同一份私钥;不要提交生产私钥。
# 留空时应用会生成单进程临时私钥,只适合本机单副本试跑。
private_key_pem: ""