generate_secrets: Enable memcached authentication in production.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2025-11-09 16:37:23 +00:00 · 2020-01-02 16:30:40 -08:00
parent 1ba48a04da
commit 97322dd195
5 changed files with 73 additions and 16 deletions
--- a/scripts/setup/generate_secrets.py
+++ b/scripts/setup/generate_secrets.py
@@ -17,6 +17,7 @@ import argparse
 import uuid
 import configparser
 from zerver.lib.utils import generate_random_token
+from zproject import settings

 os.chdir(os.path.join(os.path.dirname(__file__), '..', '..'))

@@ -80,6 +81,13 @@ def generate_secrets(development=False):
    if need_secret('camo_key'):
        add_secret('camo_key', get_random_string(64))

+    if (
+        not development
+        and settings.MEMCACHED_LOCATION == "127.0.0.1:11211"
+        and need_secret("memcached_password")
+    ):
+        add_secret("memcached_password", generate_random_token(64))
+
    # zulip_org_key is generated using os.urandom().
    # zulip_org_id does not require a secure CPRNG,
    # it only needs to be unique.