Migrate configs from env
note
You can skip this page if your Logto version is greater than or equal to v1.0.0-beta.11
.
Managing too many environment variables are not efficient and flexible, and itโs hard to keep a single source of truth when you have multiple containers running.
So we decided to move all possible technical configs to the database, including OIDC-related keys.
To make it smooth, make sure you have an original .env
file, or run the command in an environment that has the following variables:
OIDC_PRIVATE_KEYS=some_secret_key # Or OIDC_PRIVATE_KEY_PATHS
OIDC_COOKIE_KEYS=key1,key2
DB_URL=postgresql://localhost:5432/logto
Then run the command below:
- CLI
- npx
logto db seed oidc
# Or
logto db seed oidc --env /your/path/to/.env
npx @logto/cli db seed oidc
# Or
npx @logto/cli db seed oidc --env /your/path/to/.env
If everything goes well, you will see the message like:
[info] Read config oidc.privateKeys from env
[info] Read config oidc.cookieKeys from env
[info] Generated config oidc.refreshTokenReuseInterval
[info] โ Seed OIDC config
From now on, you can safely remove OIDC_PRIVATE_KEYS
and OIDC_COOKIE_KEYS
from the environment variables. Remember to restart your Logto instance to get the changes reflected.