From 0e56a94642284ae47524216ddee49bb9833df1df Mon Sep 17 00:00:00 2001 From: Lyuboslav Petrov Date: Sat, 28 Sep 2024 11:56:10 +0300 Subject: [PATCH] Remove sensitive .env file from history to prevent secrets exposure The .env file contained sensitive information such as API keys, passwords, and other secret data. To prevent unauthorized access or accidental leakage of these secrets, we have removed this file from our Git history and replaced it with an empty example.env file. Developers should create their own .env file based on the example.env template for their respective environments. Refactor: Remove sensitive config file (.env) --- .gitignore | 1 + docker-compose.yml | 63 +++++++-------------------------------------- .env => example.env | 1 + 3 files changed, 12 insertions(+), 53 deletions(-) create mode 100644 .gitignore rename .env => example.env (76%) diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000..2eea525d8 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.env \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index c17d9299a..5dba4813b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,41 +17,24 @@ x-n8n: &service-n8n - DB_POSTGRESDB_PASSWORD=${POSTGRES_PASSWORD} - N8N_DIAGNOSTICS_ENABLED=false - N8N_PERSONALIZATION_ENABLED=false - - N8N_ENCRYPTION_KEY - - N8N_USER_MANAGEMENT_JWT_SECRET + - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY:-} + - N8N_USER_MANAGEMENT_JWT_SECRET=${N8N_USER_MANAGEMENT_JWT_SECRET:-} + - N8N_HOST=${N8N_HOST:-} + - N8N_PROTOCOL=https + - WEBHOOK_URL=${WEBHOOK_URL:-} + - NODE_FUNCTION_ALLOW_EXTERNAL=${NODE_FUNCTION_ALLOW_EXTERNAL:-axios,node-fetch} links: - postgres -x-ollama: &service-ollama - image: ollama/ollama:latest - container_name: ollama - networks: ['demo'] - restart: unless-stopped - ports: - - 11434:11434 - volumes: - - ollama_storage:/root/.ollama - -x-init-ollama: &init-ollama - image: ollama/ollama:latest - networks: ['demo'] - container_name: ollama-pull-llama - volumes: - - ollama_storage:/root/.ollama - entrypoint: /bin/sh - command: - - "-c" - - "sleep 3; OLLAMA_HOST=ollama:11434 ollama pull llama3.1" - services: postgres: image: postgres:16-alpine networks: ['demo'] restart: unless-stopped environment: - - POSTGRES_USER - - POSTGRES_PASSWORD - - POSTGRES_DB + - POSTGRES_USER=${POSTGRES_USER:-} + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-} + - POSTGRES_DB={POSTGRES_DB:-} volumes: - postgres_storage:/var/lib/postgresql/data healthcheck: @@ -64,6 +47,7 @@ services: <<: *service-n8n container_name: n8n-import entrypoint: /bin/sh + command: - "-c" - "n8n import:credentials --separate --input=/backup/credentials && n8n import:workflow --separate --input=/backup/workflows" @@ -98,30 +82,3 @@ services: - 6333:6333 volumes: - qdrant_storage:/qdrant/storage - - ollama-cpu: - profiles: ["cpu"] - <<: *service-ollama - - ollama-gpu: - profiles: ["gpu-nvidia"] - <<: *service-ollama - deploy: - resources: - reservations: - devices: - - driver: nvidia - count: 1 - capabilities: [gpu] - - ollama-pull-llama-cpu: - profiles: ["cpu"] - <<: *init-ollama - depends_on: - - ollama-cpu - - ollama-pull-llama-gpu: - profiles: ["gpu-nvidia"] - <<: *init-ollama - depends_on: - - ollama-gpu diff --git a/.env b/example.env similarity index 76% rename from .env rename to example.env index aefa9587b..664397b0d 100644 --- a/.env +++ b/example.env @@ -4,3 +4,4 @@ POSTGRES_DB=n8n N8N_ENCRYPTION_KEY=super-secret-key N8N_USER_MANAGEMENT_JWT_SECRET=even-more-secret +NODE_FUNCTION_ALLOW_EXTERNAL=axios,node-fetch