docs/protect-an-instance: emphasize a warning in env variable section

This commit is contained in:
wukko 2024-10-20 16:31:55 +06:00
parent 90114bdbea
commit 5ce3a941f9
No known key found for this signature in database
GPG key ID: 3E30B3F26C7B4AA2

View file

@ -37,7 +37,9 @@ you've successfully created a turnstile widget! time to add it to your processin
### enable turnstile on your processing instance
this tutorial assumes that you only have `API_URL` in your `environment` variables list.
if you have other variables there, just add new ones after existing ones.
**example values in the tutorial should never be used**.
> [!IMPORTANT]
> never use any of the values from the tutorial, especially `JWT_SECRET`!
1. open your `docker-compose.yml` config file in any text editor of choice.
2. copy the turnstile sitekey & secret key and paste them to their respective variables. `TURNSTILE_SITEKEY` for the sitekey and `TURNSTILE_SECRET` for the secret key:
@ -47,7 +49,7 @@ environment:
TURNSTILE_SITEKEY: "2x00000000000000000000BB" # use your key
TURNSTILE_SECRET: "2x0000000000000000000000000000000AA" # use your key
```
3. generate a `JWT_SECRET`. we recommend using an alphanumeric collection with a length of at least 64 characters. this string will be used as salt for all JWT keys. **do NOT use the example secret**.
3. generate a `JWT_SECRET`. we recommend using an alphanumeric collection with a length of at least 64 characters. this string will be used as salt for all JWT keys.
```yml
environment: