Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] SIGHUP behavior to reload jwt-secret #1119

Closed
sevagh opened this issue May 25, 2018 · 2 comments · Fixed by #1544
Closed

[Question] SIGHUP behavior to reload jwt-secret #1119

sevagh opened this issue May 25, 2018 · 2 comments · Fixed by #1544
Labels
enhancement a feature, ready for implementation

Comments

@sevagh
Copy link

sevagh commented May 25, 2018

Environment

  • PostgreSQL version: 10
  • PostgREST version: (if using docker, specify the image) 4.4
  • Operating system: Linux

Description of issue

(Expected behavior vs actual behavior)
I source my JWT secret from a file:

## choose a secret to enable JWT auth
## (use "@filename" to load from separate file)
jwt-secret = "@/secrest/jwt.secret"

When I change this file and send Postgrest a SIGHUP, it reloads itself:

Listening on port 3000
Attempting to connect to the database...
Connection successful

However I don't think it re-reads the contents of the JWT secret file. Is it supposed to?

My goal is to rotate the JWT signing key (for a sort of primitive "revocation" of pre-existing tokens).
@sevagh sevagh changed the title [Question] SIGHUP behavior - reload [Question] SIGHUP behavior to reload jwt-secret May 25, 2018
@steve-chavez
Copy link
Member

steve-chavez commented May 25, 2018
edited
Loading

True, as it is now SIGHUP doesn't reload the configuration file, it only refreshes PostgREST schema cache, maybe a SIGUSR1 would've been more appropriate for this since SIGHUP has a standard behavior.

@steve-chavez steve-chavez added the enhancement a feature, ready for implementation label May 25, 2018
@Qu4tro Qu4tro mentioned this issue May 1, 2019
Closed
@steve-chavez steve-chavez mentioned this issue Dec 19, 2019
Closed
@steve-chavez
Copy link
Member

For anyone wanting to help with this one, #1289(an attempt on solving this) contains some additional hints on the implementation.

@steve-chavez steve-chavez mentioned this issue Jun 15, 2020
Merged
@wolfgangwalther wolfgangwalther mentioned this issue Jan 26, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement a feature, ready for implementation
Milestone
No milestone
2 participants
@steve-chavez @sevagh