From a8ea7e09230f059a90f3c1b556243eabcff185ff Mon Sep 17 00:00:00 2001
From: Stefano Ortolani <ostefano@users.noreply.github.com>
Date: Tue, 13 Aug 2024 14:23:37 +0100
Subject: [PATCH] Add support for encryption key (#108)

---
 core/files/etc/misp-docker/initialisation.defaults.json | 4 ----
 core/files/etc/misp-docker/initialisation.envars.json   | 4 ++++
 docker-compose.yml                                      | 1 +
 template.env                                            | 2 ++
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/core/files/etc/misp-docker/initialisation.defaults.json b/core/files/etc/misp-docker/initialisation.defaults.json
index dff9fa3..438abbc 100644
--- a/core/files/etc/misp-docker/initialisation.defaults.json
+++ b/core/files/etc/misp-docker/initialisation.defaults.json
@@ -104,10 +104,6 @@
   "Security.check_sec_fetch_site_header": {
     "default_value": true
   },
-  "Security.encryption_key": {
-    "default_value": "",
-    "command_args": "-f"
-  },
   "Security.username_in_response_header": {
     "default_value": true
   },
diff --git a/core/files/etc/misp-docker/initialisation.envars.json b/core/files/etc/misp-docker/initialisation.envars.json
index 170ea32..4eefe62 100644
--- a/core/files/etc/misp-docker/initialisation.envars.json
+++ b/core/files/etc/misp-docker/initialisation.envars.json
@@ -26,5 +26,9 @@
   },
   "Plugin.Export_services_url": {
     "default_value": "${MISP_MODULES_FQDN}"
+  },
+  "Security.encryption_key": {
+    "default_value": "${ENCRYPTION_KEY}",
+    "command_args": "-f"
   }
 }
diff --git a/docker-compose.yml b/docker-compose.yml
index 07816fc..836f184 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -89,6 +89,7 @@ services:
       - "DISABLE_IPV6=${DISABLE_IPV6}"
       - "DISABLE_SSL_REDIRECT=${DISABLE_SSL_REDIRECT}"
       - "ENABLE_DB_SETTINGS=${ENABLE_DB_SETTINGS}"
+      - "ENCRYPTION_KEY=${ENCRYPTION_KEY}"
       # standard settings
       - "ADMIN_EMAIL=${ADMIN_EMAIL}"
       - "ADMIN_PASSWORD=${ADMIN_PASSWORD}"
diff --git a/template.env b/template.env
index ede3faf..b0bd268 100644
--- a/template.env
+++ b/template.env
@@ -44,6 +44,8 @@ CRON_USER_ID=
 BASE_URL=
 # store settings in db except those that must stay in config.php. true/false, defaults to false
 ENABLE_DB_SETTINGS=
+# encryption key. defaults to empty string
+ENCRYPTION_KEY=
 
 # defines the FQDN of the mail sub-system (defaults to 'mail')
 # SMTP_FQDN=