Skip to content

WF_SECRET_FILE is ignored and WF_SECRET_KEY is still required #559

New issue
New issue
Open
Open
WF_SECRET_FILE is ignored and WF_SECRET_KEY is still required#559
@magiccyril

Description

@magiccyril
magiccyril
opened on Feb 2, 2026

Describe the bug
When using the WF_SECRET_FILE environment variable, the application still requires WF_SECRET_KEY to be set. It seems that WF_SECRET_FILE is not taken into account at all.

To Reproduce
Steps to reproduce the behavior:

  1. Deploy Wealthfolio with WF_SECRET_FILE set (pointing to a valid file containing the secret key)
  2. Do not set WF_SECRET_KEY
  3. Start the application

Expected behavior
If WF_SECRET_FILE is provided, the application should read the secret key from the file and not require WF_SECRET_KEY to be set as an environment variable.

Actual behavior
The application fails to start and reports that WF_SECRET_KEY is missing, even though WF_SECRET_FILE is defined and the file exists.

Environment
Deployment method: Docker Compose
Wealthfolio version : v2.1.0

Additional context
This makes it impossible to rely on Docker secrets (or similar mechanisms) using *_FILE environment variables, which is a common best practice for handling sensitive data.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions