Don't enforce longer SECRET_KEY_BASE than Phoenix (#1441)

Phoenix only requires SECRET_KEY_BASE to be longer than 32 characters. 32 characters even with hex encoding is 128 bits of entropy which is more than enough. Some secret generation tools only generate 32 characters/128 bits by default which makes this relatively arbitrary limit annoying. Let's change it to what Phoenix requires.

Don't enforce longer SECRET_KEY_BASE than Phoenix (#1441)
a4389c99 · Lorenz Brun · GitHub · e7593ce9 · a4389c99
Unverified Commit a4389c99 authored Nov 4, 2021 by Lorenz Brun Committed by GitHub Nov 4, 2021
--- a/config/runtime.exs
+++ b/config/runtime.exs
@@ -28,8 +28,8 @@ case secret_key_base do
  nil ->
    raise "SECRET_KEY_BASE configuration option is required. See https://plausible.io/docs/self-hosting-configuration#server"

-  key when byte_size(key) < 64 ->
-    raise "SECRET_KEY_BASE must be at least 64 bytes long. See https://plausible.io/docs/self-hosting-configuration#server"
+  key when byte_size(key) < 32 ->
+    raise "SECRET_KEY_BASE must be at least 32 bytes long. See https://plausible.io/docs/self-hosting-configuration#server"

  _ ->
    nil