Hi SuccessfulKoala55 ! That's what I thought too. I was following the docs on how to best secure the server https://clear.ml/docs/latest/docs/deploying_clearml/clearml_server_security and so did the SSL, set up the fixed users, set up object storage, then for the secrets I set them as environment variables in the docker compose file and I set all of the variables list there so:
CLEARML__SECURE__HTTP__SESSION_SECRET__APISERVER: "new-secret-string" CLEARML__SECURE__AUTH__TOKEN_SECRET: "new-secret-string" CLEARML__SECURE__CREDENTIALS__APISERVER__USER_KEY: "new-key-string" CLEARML__SECURE__CREDENTIALS__APISERVER__USER_SECRET: "new-secret-string" CLEARML__SECURE__CREDENTIALS__WEBSERVER__USER_KEY: "new-key-string" CLEARML__SECURE__CREDENTIALS__WEBSERVER__USER_SECRET: "new-secret-string" CLEARML__SECURE__CREDENTIALS__TESTS__USER_KEY: "new-key-string" CLEARML__SECURE__CREDENTIALS__TESTS__USER_SECRET: "new-secret-string"
I just generated some random strings, but when I took the server down then up again with docker-compose after doing that, I could no longer log in with any of the fixed users info.