GitBook: [master] one page modified

2026-02-19 18:14:15 +08:00 · 2019-03-30 11:10:16 +00:00 · 2019-03-30 11:10:16 +00:00 · e9942fbc29
commit e9942fbc29
parent 60b62f1175
1 changed files with 12 additions and 0 deletions
--- a/general/fleet.md
+++ b/general/fleet.md
@ -142,6 +142,7 @@ fleet.refresh.interval=60

 # If set to DATABASE, fleet.admin.username and fleet.admin.password are not used.
 fleet.admin.authentication.type=PROPERTIES|DATABASE
+fleet.admin.secret=<your_secret_string>

 # User for management of images and repositories
 fleet.admin.username=test
@ -200,6 +201,17 @@ If you place a property in the system environment, ensure that the property uses
          user. The password is hashed using a strong key derivation function (PBKDF2).</p>
      </td>
    </tr>
+    <tr>
+      <td style="text-align:left"><code>fleet.admin.secret</code>
+      </td>
+      <td style="text-align:left">A string used as part of the password key derivation process. This secret
+        is prepended to the raw password before its key is derived, providing further
+        pseudo-randomness to hashed passwords. <b>Once set, this must not be changed!</b> It
+        is vital to remain the same, as it will be used during the password verification
+        step. If Fleet is restarted with this removed or set differently, the password
+        verification process will fail because previously hashed passwords will
+        have been derived with the old secret.</td>
+    </tr>
    <tr>
      <td style="text-align:left"><code>fleet.admin.username</code>
      </td>