From 5ce3a941f9ef345a74439bfffdb33fb9c417ff39 Mon Sep 17 00:00:00 2001 From: wukko Date: Sun, 20 Oct 2024 16:31:55 +0600 Subject: [PATCH] docs/protect-an-instance: emphasize a warning in env variable section --- docs/protect-an-instance.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/protect-an-instance.md b/docs/protect-an-instance.md index 7c9bec7b..c95bf135 100644 --- a/docs/protect-an-instance.md +++ b/docs/protect-an-instance.md @@ -37,7 +37,9 @@ you've successfully created a turnstile widget! time to add it to your processin ### enable turnstile on your processing instance this tutorial assumes that you only have `API_URL` in your `environment` variables list. if you have other variables there, just add new ones after existing ones. -**example values in the tutorial should never be used**. + +> [!IMPORTANT] +> never use any of the values from the tutorial, especially `JWT_SECRET`! 1. open your `docker-compose.yml` config file in any text editor of choice. 2. copy the turnstile sitekey & secret key and paste them to their respective variables. `TURNSTILE_SITEKEY` for the sitekey and `TURNSTILE_SECRET` for the secret key: @@ -47,7 +49,7 @@ environment: TURNSTILE_SITEKEY: "2x00000000000000000000BB" # use your key TURNSTILE_SECRET: "2x0000000000000000000000000000000AA" # use your key ``` -3. generate a `JWT_SECRET`. we recommend using an alphanumeric collection with a length of at least 64 characters. this string will be used as salt for all JWT keys. **do NOT use the example secret**. +3. generate a `JWT_SECRET`. we recommend using an alphanumeric collection with a length of at least 64 characters. this string will be used as salt for all JWT keys. ```yml environment: