Skip to content

docs: align docker-compose env docs with #7907 (required credentials, TRUST_PROXY default)#7908

Draft
JohnMcLear wants to merge 1 commit into
ether:developfrom
JohnMcLear:docs-docker-compose-env
Draft

docs: align docker-compose env docs with #7907 (required credentials, TRUST_PROXY default)#7908
JohnMcLear wants to merge 1 commit into
ether:developfrom
JohnMcLear:docs-docker-compose-env

Conversation

@JohnMcLear

Copy link
Copy Markdown
Member

Follow-up to #7907 (merged), which changed docker-compose.yml to require ADMIN_PASSWORD and the database password and to default TRUST_PROXY to false — but didn't touch the docs/templates. This brings them in line.

Changes

  • .env.default — document DOCKER_COMPOSE_APP_TRUST_PROXY (set true only behind a trusted reverse proxy; otherwise HTTPS detection / secure cookies and client-IP handling are wrong), and note that DOCKER_COMPOSE_APP_ADMIN_PASSWORD is now required (compose won't start while it's empty).
  • .env.dev.default — document the dev equivalent DOCKER_COMPOSE_APP_DEV_ENV_TRUST_PROXY (defaults true in docker-compose.dev.yml).
  • README.md / doc/docker.md — refresh the embedded compose snippets, which still showed the old :-admin / TRUST_PROXY:-true defaults.

Notes

🤖 Generated with Claude Code

…#7907 follow-up)

ether#7907 made the production docker-compose require ADMIN_PASSWORD and the DB
password (no insecure fallback) and defaulted TRUST_PROXY to false, but only
changed docker-compose.yml. This brings the docs in line:

- .env.default: document DOCKER_COMPOSE_APP_TRUST_PROXY (set true behind a
  trusted reverse proxy) and note ADMIN_PASSWORD is required (compose won't
  start while it's empty).
- .env.dev.default: document the dev DOCKER_COMPOSE_APP_DEV_ENV_TRUST_PROXY.
- README.md / doc/docker.md: update the embedded compose snippets to match the
  merged file (required ADMIN_PASSWORD/DB password, TRUST_PROXY default false).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@qodo-code-review

Copy link
Copy Markdown

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

@qodo-free-for-open-source-projects

qodo-free-for-open-source-projects Bot commented Jun 7, 2026

Copy link
Copy Markdown

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (0)

Grey Divider


Remediation recommended

1. Missing final newline 🐞 Bug ⚙ Maintainability
Description
.env.dev.default still has no trailing newline, violating the repo’s EditorConfig and potentially
causing formatting/lint noise or messy diffs on future edits.
Code

.env.dev.default[22]

DOCKER_COMPOSE_POSTGRES_DEV_ENV_POSTGRES_USER=etherpad-lite-user
Evidence
The repository’s EditorConfig requires a final newline, but .env.dev.default ends at the last
variable assignment without one (also indicated by the PR diff’s No newline at end of file
marker).

.editorconfig[1-9]
.env.dev.default[14-22]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The file `.env.dev.default` does not end with a newline, which violates the repository’s `.editorconfig` setting `insert_final_newline = true`.

### Issue Context
This PR modifies `.env.dev.default` but retains the missing final newline, which can trigger formatting checks and create awkward diffs.

### Fix Focus Areas
- `.env.dev.default[22-22]`

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


Grey Divider

Qodo Logo

@qodo-free-for-open-source-projects

Copy link
Copy Markdown

Review Summary by Qodo

Document docker-compose credential and TRUST_PROXY changes from #7907

📝 Documentation

Grey Divider

Walkthroughs

Description
• Document required credentials and TRUST_PROXY security settings
• Update docker-compose snippets to reflect #7907 breaking changes
• Add TRUST_PROXY configuration guidance for reverse proxy deployments
• Clarify ADMIN_PASSWORD and database password requirements
Diagram
flowchart LR
  A["#7907 Changes<br/>docker-compose.yml"] -->|"Require credentials<br/>Default TRUST_PROXY=false"| B["Documentation Updates"]
  B --> C[".env.default<br/>Add TRUST_PROXY docs"]
  B --> D[".env.dev.default<br/>Add dev TRUST_PROXY"]
  B --> E["README.md & doc/docker.md<br/>Update compose snippets"]
  C --> F["Security Guidance<br/>for Reverse Proxy"]
  D --> F
  E --> G["Reflect Breaking Changes<br/>in Examples"]

Loading

Grey Divider

File Changes

1. .env.default 📝 Documentation +10/-0

Document required credentials and TRUST_PROXY settings

• Added comprehensive documentation for DOCKER_COMPOSE_APP_ADMIN_PASSWORD marking it as required
 with security warning
• Added DOCKER_COMPOSE_APP_TRUST_PROXY variable with detailed guidance on reverse proxy
 configuration
• Explained security implications of TRUST_PROXY setting for HTTPS detection and client-IP handling

.env.default


2. .env.dev.default 📝 Documentation +4/-0

Add dev environment TRUST_PROXY configuration

• Added DOCKER_COMPOSE_APP_DEV_ENV_TRUST_PROXY variable with default value true
• Documented that dev environment defaults differ from production for convenience
• Provided guidance for disabling when not behind reverse proxy

.env.dev.default


3. README.md 📝 Documentation +4/-4

Update compose snippet to reflect breaking changes

• Updated ADMIN_PASSWORD from optional with :-admin fallback to required with error message
• Updated DB_PASS from optional with :-admin fallback to required with error message
• Changed TRUST_PROXY default from true to false to match #7907 changes
• Updated postgres service POSTGRES_PASSWORD to required with error message

README.md



4. doc/docker.md 📝 Documentation +4/-4

Update compose snippet to reflect breaking changes

• Updated ADMIN_PASSWORD from optional with :-admin fallback to required with error message
• Updated DB_PASS from optional with :-admin fallback to required with error message
• Changed TRUST_PROXY default from true to false to match #7907 changes
• Updated postgres service POSTGRES_PASSWORD to required with error message

doc/docker.md


Grey Divider

Qodo Logo

@JohnMcLear JohnMcLear marked this pull request as draft June 22, 2026 08:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant