From 05a4c8b2ac93796eae8f96e0546dfab77cb4af3c Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 9 Dec 2025 18:51:57 +0000
Subject: [PATCH 1/3] Initial plan

From a8086d13e26739e83ed3fa3355e33b176d99c496 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 9 Dec 2025 18:54:13 +0000
Subject: [PATCH 2/3] Setup default passwords in env.template

Co-authored-by: Sulstice <11812946+Sulstice@users.noreply.github.com>
---
 env.template | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/env.template b/env.template
index a3999b0..23c8976 100644
--- a/env.template
+++ b/env.template
@@ -9,7 +9,7 @@
 # PostgreSQL Database Configuration
 # ----------------------------------------------------------------------------
 POSTGRES_USER=postgres
-POSTGRES_PASSWORD=your_secure_password_change_this
+POSTGRES_PASSWORD=postgres
 POSTGRES_DB=brainkb
 POSTGRES_PORT=5432
 
@@ -19,7 +19,7 @@ POSTGRES_PORT=5432
 DB_NAME=brainkb
 # make sure it matches with postgres db username and password
 DB_USER=postgres
-DB_PASSWORD=your_secure_password_change_this
+DB_PASSWORD=postgres
 # do not change unless you update the docker
 DB_HOST=postgres
 DB_PORT=5432
@@ -29,8 +29,8 @@ DB_PORT=5432
 # ----------------------------------------------------------------------------
 DJANGO_SUPERUSER_USERNAME=admin
 DJANGO_SUPERUSER_EMAIL=admin@brainkb.org
-DJANGO_SUPERUSER_PASSWORD=your_secure_password_change_this
-BRAINYPEDIA_APITOKEN_MANAGER_SECRET_KEY=your-django-secret-key-change-this-in-production
+DJANGO_SUPERUSER_PASSWORD=admin
+BRAINYPEDIA_APITOKEN_MANAGER_SECRET_KEY=django-insecure-default-key-change-in-production
 
 # ----------------------------------------------------------------------------
 # JWT Configuration (for query_service and ml_service)
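Review bot: `POSTGRES_PASSWORD=postgres` in the `@@ -9,7` hunk replaces a placeholder that had to be edited with a working credential equal to the username, so a template copied unchanged now starts a database with a publicly known password. The same applies to `DB_PASSWORD` in the `@@ -19,7` hunk and to `JWT_POSTGRES_DATABASE_PASSWORD`, `OXIGRAPH_PASSWORD`, `GRAPHDATABASE_PASSWORD` and `PGADMIN_DEFAULT_PASSWORD` in the later hunks of this patch. I would leave the values empty in the template, `POSTGRES_PASSWORD=`, and have the setup script or the services refuse to start on an empty value; whether any such startup check exists is not visible in this patch.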
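Review bot: `DJANGO_SUPERUSER_PASSWORD=admin` in the `@@ -29,8` hunk sits two lines below `DJANGO_SUPERUSER_USERNAME=admin`, so the superuser account is created with the most commonly guessed credential pair. The new `BRAINYPEDIA_APITOKEN_MANAGER_SECRET_KEY` value is a fixed string published in the repository; if it feeds Django's `SECRET_KEY` (the name suggests so, the settings module is not shown), everything that key signs can be forged by anyone who has read this file. The `django-insecure-` prefix is at least recognised by `manage.py check --deploy`, so running that check at container start would catch an unchanged value. I would keep both values empty, `DJANGO_SUPERUSER_PASSWORD=`, and fail startup when they are unset.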
@@ -41,7 +41,7 @@ JWT_POSTGRES_DATABASE_PORT=5432
 
 # make sure it matches with postgres db username and password
 JWT_POSTGRES_DATABASE_USER=postgres
-JWT_POSTGRES_DATABASE_PASSWORD=your_secure_password_change_this
+JWT_POSTGRES_DATABASE_PASSWORD=postgres
 # ----------------------------------------------------------------------------
 # Do not change the following
 # ----------------------------------------------------------------------------
@@ -56,8 +56,8 @@ JWT_ALGORITHM=HS256
 # ----------------------------------------------------------------------------
 # Each service has its own JWT secret key to prevent tokens from one service
 # from being used to authenticate with another service
-QUERY_SERVICE_JWT_SECRET_KEY=your-query-service-jwt-secret-key-change-this-in-production
-ML_SERVICE_JWT_SECRET_KEY=your-ml-service-jwt-secret-key-change-this-in-production
+QUERY_SERVICE_JWT_SECRET_KEY=query-service-jwt-secret-key-default
+ML_SERVICE_JWT_SECRET_KEY=ml-service-jwt-secret-key-default
 
 # ----------------------------------------------------------------------------
 # Are not used, kept it for future
@@ -81,7 +81,7 @@ PGADMIN_PORT=5051
 # Oxigraph SPARQL Database Configuration
 # ----------------------------------------------------------------------------
 OXIGRAPH_USER=admin
-OXIGRAPH_PASSWORD=your_oxigraph_password_change_this
+OXIGRAPH_PASSWORD=admin
 
 # ----------------------------------------------------------------------------
 # Query Service Configuration
@@ -91,7 +91,7 @@ ENV_STATE=production
 LOGTAIL_API_KEY=
 # this is your oxigraph username and password
 GRAPHDATABASE_USERNAME=admin
-GRAPHDATABASE_PASSWORD=your_oxigraph_password_change_this
+GRAPHDATABASE_PASSWORD=admin
 # ----------------------------------------------------------------------------
 # Do not change the following, unless you use different graphdb/update docker
 # ----------------------------------------------------------------------------
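Review bot: `QUERY_SERVICE_JWT_SECRET_KEY` and `ML_SERVICE_JWT_SECRET_KEY` in the `@@ -56,8` hunk now default to fixed strings published in the repository, and with `JWT_ALGORITHM=HS256` (shown in the hunk header) the signing key is the only thing that keeps a third party from producing tokens the services accept. The comment directly above the two lines says the keys are separate so a token for one service cannot be used on the other; that separation holds only while both values are secret. I would leave the values empty, `QUERY_SERVICE_JWT_SECRET_KEY=`, and add a comment such as `# generate with: python -c "import secrets; print(secrets.token_urlsafe(64))"`. The services should also reject an empty or default key at startup; that code is outside this patch.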
@@ -107,7 +107,7 @@ WEB_CONCURRENCY=6
 # pgAdmin Configuration (Optional - for PostgreSQL management)
 # ----------------------------------------------------------------------------
 PGADMIN_DEFAULT_EMAIL=admin@brainkb.org
-PGADMIN_DEFAULT_PASSWORD=your_secure_password_change_this
+PGADMIN_DEFAULT_PASSWORD=admin
 PGADMIN_SERVER_NAME=BrainKB PostgreSQL
 
 

From 98b598830352658db17ab9157135c2d0bb2487d6 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 9 Dec 2025 18:55:13 +0000
Subject: [PATCH 3/3] Add security warnings for default passwords in env.template

Co-authored-by: Sulstice <11812946+Sulstice@users.noreply.github.com>
---
 env.template | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/env.template b/env.template
index 23c8976..4af58f5 100644
--- a/env.template
+++ b/env.template
@@ -8,6 +8,7 @@
 # ----------------------------------------------------------------------------
 # PostgreSQL Database Configuration
 # ----------------------------------------------------------------------------
+# WARNING: Change these default passwords in production!
 POSTGRES_USER=postgres
 POSTGRES_PASSWORD=postgres
 POSTGRES_DB=brainkb
@@ -30,6 +31,7 @@ DB_PORT=5432
 DJANGO_SUPERUSER_USERNAME=admin
 DJANGO_SUPERUSER_EMAIL=admin@brainkb.org
 DJANGO_SUPERUSER_PASSWORD=admin
+# WARNING: Change this secret key in production! Use Django's get_random_secret_key()
 BRAINYPEDIA_APITOKEN_MANAGER_SECRET_KEY=django-insecure-default-key-change-in-production
 
 # ----------------------------------------------------------------------------
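Review bot: The warning added in the `@@ -30,6 +31,7` hunk sits below `DJANGO_SUPERUSER_PASSWORD=admin` and mentions only the secret key, so the superuser password carries no warning at all. The `DB_PASSWORD`, `JWT_POSTGRES_DATABASE_PASSWORD` and `GRAPHDATABASE_PASSWORD` sections also get no warning from this commit, although they hold the same default values. Moving the line above `DJANGO_SUPERUSER_USERNAME` and wording it `# WARNING: Change the superuser password and the secret key before deploying.` would cover both settings, and the same line belongs in the three uncovered sections. Since the template itself ships `ENV_STATE=production` (visible in a hunk header of the previous patch), "in production" describes the default state of a copied file, and a comment alone is a weak control.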
@@ -56,6 +58,7 @@ JWT_ALGORITHM=HS256
 # ----------------------------------------------------------------------------
 # Each service has its own JWT secret key to prevent tokens from one service
 # from being used to authenticate with another service
+# WARNING: Change these JWT secret keys in production! Use strong random values
 QUERY_SERVICE_JWT_SECRET_KEY=query-service-jwt-secret-key-default
 ML_SERVICE_JWT_SECRET_KEY=ml-service-jwt-secret-key-default
 
@@ -80,6 +83,7 @@ PGADMIN_PORT=5051
 # ----------------------------------------------------------------------------
 # Oxigraph SPARQL Database Configuration
 # ----------------------------------------------------------------------------
+# WARNING: Change these default passwords in production!
 OXIGRAPH_USER=admin
 OXIGRAPH_PASSWORD=admin
 
@@ -106,6 +110,7 @@ WEB_CONCURRENCY=6
 # ----------------------------------------------------------------------------
 # pgAdmin Configuration (Optional - for PostgreSQL management)
 # ----------------------------------------------------------------------------
+# WARNING: Change these default passwords in production!
 PGADMIN_DEFAULT_EMAIL=admin@brainkb.org
 PGADMIN_DEFAULT_PASSWORD=admin
 PGADMIN_SERVER_NAME=BrainKB PostgreSQL