make Dockerfile add a random value and put it on filesystem to be picked up in main.py -> for app.config['SECRET_KEY]

Dockerfile

@@ -23,6 +23,8 @@ RUN apt-get update && \
 
 RUN pip3 install --upgrade pip
 RUN pip3 install -U -r requirements.txt
+RUN cat /dev/urandom | head -c 50 | md5sum | head -c 32 > /code/.sk
+RUN chmod 600 .sk
 EXPOSE 80
 # NOTE, wrapper.sh will use sudo to work in PROD and DEV AS the correct
 # BOOK_UID/BOOK_GID as pybook user and group

main.py

@@ -32,7 +32,13 @@ else:
 
 app.config['SQLALCHEMY_DATABASE_URI'] = DB_URL
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
-app.config.from_mapping( SECRET_KEY=b'\xd6\x04\xbdj\xfe\xed$c\x1e@\xad\x0f\x13,@G')
+
+# if in prod, Dockerfile will generate a random string and place it in /code/.sk
+try:
+    with open('/code/.sk') as f:
+        app.config['SECRET_KEY'] = f.read()
+except Exception:
+    app.config['SECRET_KEY'] = b'my_insecure_pybook_token_with_random_a897s987f98as7df9as87df9safd' 
 
 # ldap config vars: (the last one is required, or python ldap freaks out)
 app.config['LDAP_HOST'] = 'mara.ddp.net'