docs:补充浏览器免重登 + CDROP_SESSION_SECRET 配置

- README:已落地补「浏览器免重登 + PWA」一项;prod 配置清单新增
  CDROP_SESSION_SECRET(prod 强制非空,缺则拒启动)
- .env.example、docker/compose.snippet.yaml:补 CDROP_SESSION_SECRET 模板项
This commit is contained in:
2026-06-16 01:08:05 +08:00
parent e51666c52e
commit e903b03afe
3 changed files with 9 additions and 2 deletions
+2
View File
@@ -31,6 +31,8 @@ NN-cdrop:
# CDROP_OIDC_CLIENT_ID: <你的 OAuth client_id>
# CDROP_OIDC_REDIRECT_URI: https://your-domain.example/oauth/callback
# CDROP_OIDC_SCOPES: "openid profile email"
# prod 强制非空:浏览器免重登会话 refresh_token 落盘加密密钥(SHA-256 派生 AES-256
# CDROP_SESSION_SECRET: REPLACE_WITH_RANDOM_HEX64
# CDROP_HS256_SECRET: REPLACE_WITH_RANDOM_HEX64
# ---- 可选:Cloudflare Realtime TURN over TLS(不配则前端 STUN-only 兜底)----