From 1690d988142293a79b2b07cc5f89a81fb9c4887c Mon Sep 17 00:00:00 2001
From: Trevor Batley <trevor@batley.id.au>
Date: Sat, 18 Nov 2023 14:16:17 +1100
Subject: [PATCH] make web secret random

---
 koji-setup/koji-deploy-web.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/koji-setup/koji-deploy-web.sh b/koji-setup/koji-deploy-web.sh
index 15bb340..5292a9e 100644
--- a/koji-setup/koji-deploy-web.sh
+++ b/koji-setup/koji-deploy-web.sh
@@ -104,6 +104,8 @@ fi
 dnf install -y mod_ssl koji-web $QUIET
 
 # install locally
+# create secret
+SECRET="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 32)"
 mkdir -p /etc/kojiweb
 cat > /etc/kojiweb/web.conf <<- EOF
 [web]
@@ -114,7 +116,7 @@ WebCert = $KOJI_PKI_DIR/kojiweb.pem
 ClientCA = $KOJI_PKI_DIR/koji_ca_cert.crt
 KojiHubCA = $KOJI_PKI_DIR/koji_ca_cert.crt
 LoginTimeout = 72
-Secret = NITRA_IS_NOT_CLEAR
+Secret = "$SECRET"
 LibPath = /usr/share/koji-web/lib
 LiteralFooter = True
 EOF