docs:补充浏览器免重登 + CDROP_SESSION_SECRET 配置

- README:已落地补「浏览器免重登 + PWA」一项;prod 配置清单新增
  CDROP_SESSION_SECRET(prod 强制非空,缺则拒启动)
- .env.example、docker/compose.snippet.yaml:补 CDROP_SESSION_SECRET 模板项
This commit is contained in:
2026-06-16 01:08:05 +08:00
parent e51666c52e
commit e903b03afe
3 changed files with 9 additions and 2 deletions
+3
View File
@@ -14,6 +14,9 @@ CDROP_DEV_TOKEN=replace-with-32-byte-random-base64
# CDROP_OIDC_CLIENT_ID=your-client-id
# CDROP_OIDC_REDIRECT_URI=https://your-domain.example/oauth/callback
# CDROP_OIDC_SCOPES=openid profile email
# prod 强制非空:浏览器免重登会话的 refresh_token 落盘加密密钥(任意长度高熵串,
# 内部 SHA-256 派生为 32 字节 AES-256 密钥)。留空则 prod 启动期校验失败、拒启动。
# CDROP_SESSION_SECRET=
# CDROP_HS256_SECRET=
# CDROP_TURN_URL=stun:your-stun.example:3478