Remove hardcoded secrets from public repo

- Remove default password fallback from POSTGRES_PASSWORD in docker-compose.yml - Remove default password fallback from db.py and migrate.py - Update .env.example with required POSTGRES_PASSWORD - Update README to mark DATABASE_URL as required Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 18:46:59 +00:00
parent 8f1ba74c53
commit fbf188afdc
5 changed files with 13 additions and 12 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,5 +1,8 @@
 # L2 Server Configuration

+# PostgreSQL password (REQUIRED - no default)
+POSTGRES_PASSWORD=changeme-generate-with-openssl-rand-hex-16
+
 # Domain for this ActivityPub server
 ARTDAG_DOMAIN=artdag.rose-ash.com

--- a/README.md
+++ b/README.md
@@ -27,7 +27,7 @@ pip install -r requirements.txt
 # Configure
 export ARTDAG_DOMAIN=artdag.example.com
 export ARTDAG_USER=giles
-export DATABASE_URL=postgresql://artdag:artdag@localhost:5432/artdag
+export DATABASE_URL=postgresql://artdag:$POSTGRES_PASSWORD@localhost:5432/artdag
 export L1_SERVERS=https://celery-artdag.example.com

 # Generate signing keys (required for federation)
@@ -52,7 +52,7 @@ docker stack deploy -c docker-compose.yml artdag-l2
 | `ARTDAG_DOMAIN` | `artdag.rose-ash.com` | Domain for ActivityPub actors |
 | `ARTDAG_USER` | `giles` | Default username |
 | `ARTDAG_DATA` | `~/.artdag/l2` | Data directory |
-| `DATABASE_URL` | `postgresql://artdag:artdag@localhost:5432/artdag` | PostgreSQL connection |
+| `DATABASE_URL` | **(required)** | PostgreSQL connection |
 | `L1_SERVERS` | - | Comma-separated list of L1 server URLs |
 | `JWT_SECRET` | (generated) | JWT signing secret |
 | `HOST` | `0.0.0.0` | Server bind address |
--- a/db.py
+++ b/db.py
@@ -32,10 +32,9 @@ def _parse_timestamp(ts) -> datetime:
 _pool: Optional[asyncpg.Pool] = None

 # Configuration from environment
-DATABASE_URL = os.environ.get(
-    "DATABASE_URL",
-    "postgresql://artdag:artdag@localhost:5432/artdag"
-)
+DATABASE_URL = os.environ.get("DATABASE_URL")
+if not DATABASE_URL:
+    raise RuntimeError("DATABASE_URL environment variable is required")

 # Schema for database initialization
 SCHEMA = """
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,7 +5,7 @@ services:
    image: postgres:16-alpine
    environment:
      POSTGRES_USER: artdag
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-artdag}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: artdag
    volumes:
      - postgres_data:/var/lib/postgresql/data
@@ -45,7 +45,7 @@ services:
      - .env
    environment:
      - ARTDAG_DATA=/data/l2
-      - DATABASE_URL=postgresql://artdag:${POSTGRES_PASSWORD:-artdag}@postgres:5432/artdag
+      - DATABASE_URL=postgresql://artdag:${POSTGRES_PASSWORD}@postgres:5432/artdag
      - IPFS_API=/dns/ipfs/tcp/5001
      - ANCHOR_BACKUP_DIR=/data/anchors
      # ARTDAG_DOMAIN, ARTDAG_USER, JWT_SECRET from .env file
--- a/migrate.py
+++ b/migrate.py
@@ -27,10 +27,9 @@ import asyncpg

 # Configuration
 DATA_DIR = Path(os.environ.get("ARTDAG_DATA", str(Path.home() / ".artdag" / "l2")))
-DATABASE_URL = os.environ.get(
-    "DATABASE_URL",
-    "postgresql://artdag:artdag@localhost:5432/artdag"
-)
+DATABASE_URL = os.environ.get("DATABASE_URL")
+if not DATABASE_URL:
+    raise RuntimeError("DATABASE_URL environment variable is required")

 SCHEMA = """
 -- Drop existing tables (careful in production!)