Ryfujk

What is /etc/mtab in Linux?

Is there an efficient way for synchronising audio events real-time with LEDs using an MCU?

Does using the Inspiration rules for character defects encourage My Guy Syndrome?

Is a self contained air-bullet cartridge feasible?

Arriving in Atlanta after US Preclearance in Dublin. Will I go through TSA security in Atlanta to transfer to a connecting flight?

How would you suggest I follow up with coworkers about our deadline that's today?

Why do people think Winterfell crypts is the safest place for women, children and old people?

My admission is revoked after accepting the admission offer

/bin/ls sorts differently than just ls

What's parked in Mil Moscow helicopter plant?

Determinant of a matrix with 2 equal rows

Coin Game with infinite paradox

How to translate "red flag" into Spanish?

Does a Draconic Bloodline sorcerer's doubled proficiency bonus for Charisma checks against dragons apply to all dragon types or only the chosen one?

false 'Security alert' from Google - every login generates mails from 'no-reply@accounts.google.com'

How can I wire a 9-position switch so that each position turns on one more LED than the one before?

What happened to Viserion in Season 7?

Where can I find how to tex symbols for different fonts?

What is a 'Key' in computer science?

Protagonist's race is hidden - should I reveal it?

Suing a Police Officer Instead of the Police Department

Why isn't everyone flabbergasted about Bran's "gift"?

What was Apollo 13's "Little Jolt" after MECO?

Is there a verb for listening stealthily?

In airflow's configuration file `airflow.cfg` what is the `secret_key`, and do I have to set it?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}

0

As a comment above the value, it says # Secret key used to run your flask app, but that doesn't tell me much. Currently it is set to secret_key = temporary_key, but that seems unsafe. We have set up password protection on the webservice, and it is backed by postgres running on Ubuntu 14/16.

flask

share|improve this question

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

add a comment | 

0

As a comment above the value, it says # Secret key used to run your flask app, but that doesn't tell me much. Currently it is set to secret_key = temporary_key, but that seems unsafe. We have set up password protection on the webservice, and it is backed by postgres running on Ubuntu 14/16.

flask

share|improve this question

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

add a comment | 

As a comment above the value, it says # Secret key used to run your flask app, but that doesn't tell me much. Currently it is set to secret_key = temporary_key, but that seems unsafe. We have set up password protection on the webservice, and it is backed by postgres running on Ubuntu 14/16.

flask

share|improve this question

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

share|improve this question

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

share|improve this question

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

edited Jan 5 at 21:43

Michael Hampton♦

175k27321651

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

asked Jan 5 at 21:11

André Christoffer AndersenAndré Christoffer Andersen

1318

1 Answer
1

active

oldest

votes

0

From the Flask documentation, the secret_key is a Flask setting which is used to keep client sessions secure. The Airflow documentation however doesn't really mention it (even in the Security section), nor that it should be changed from the default of temporary_key. It should be changed to a random key of your choice.

You can generate it with the Python command shown in the Flask docs:
python -c 'import os; print(os.urandom(16))'

Or, since the secret_key may be in unicode, you can use any online key generator to create one. My preference is to use the Django secret key generator.

Generate the key and copy-paste into your airflow.cfg, restarting the Airflow webserver afterwards.

share

answered 2 mins ago

BjornBjorn

1

New contributor

Bjorn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f947745%2fin-airflows-configuration-file-airflow-cfg-what-is-the-secret-key-and-do-i%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

From the Flask documentation, the secret_key is a Flask setting which is used to keep client sessions secure. The Airflow documentation however doesn't really mention it (even in the Security section), nor that it should be changed from the default of temporary_key. It should be changed to a random key of your choice.

You can generate it with the Python command shown in the Flask docs:
python -c 'import os; print(os.urandom(16))'

Or, since the secret_key may be in unicode, you can use any online key generator to create one. My preference is to use the Django secret key generator.

Generate the key and copy-paste into your airflow.cfg, restarting the Airflow webserver afterwards.

share

answered 2 mins ago

BjornBjorn

1

New contributor

Bjorn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

0

From the Flask documentation, the secret_key is a Flask setting which is used to keep client sessions secure. The Airflow documentation however doesn't really mention it (even in the Security section), nor that it should be changed from the default of temporary_key. It should be changed to a random key of your choice.

You can generate it with the Python command shown in the Flask docs:
python -c 'import os; print(os.urandom(16))'

Or, since the secret_key may be in unicode, you can use any online key generator to create one. My preference is to use the Django secret key generator.

Generate the key and copy-paste into your airflow.cfg, restarting the Airflow webserver afterwards.

share

answered 2 mins ago

BjornBjorn

1

New contributor

Bjorn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

From the Flask documentation, the secret_key is a Flask setting which is used to keep client sessions secure. The Airflow documentation however doesn't really mention it (even in the Security section), nor that it should be changed from the default of temporary_key. It should be changed to a random key of your choice.

You can generate it with the Python command shown in the Flask docs:
python -c 'import os; print(os.urandom(16))'

Or, since the secret_key may be in unicode, you can use any online key generator to create one. My preference is to use the Django secret key generator.

Generate the key and copy-paste into your airflow.cfg, restarting the Airflow webserver afterwards.

share

answered 2 mins ago

BjornBjorn

1

New contributor

Bjorn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share

answered 2 mins ago

BjornBjorn

1

New contributor

Bjorn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 2 mins ago

BjornBjorn

1

New contributor

Bjorn is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 2 mins ago

BjornBjorn

1