build/docker: pass JWT_PRIVATE_KEY_SEED as a secret env, add alternate GOAWAY_JWT_PRIVATE_KEY_SEED env

Dockerfile

@@ -55,7 +55,6 @@ ENV GOAWAY_CHALLENGE_TEMPLATE_LOGO=""
 ENV GOAWAY_SLOG_LEVEL="WARN"
 ENV GOAWAY_CLIENT_IP_HEADER=""
 ENV GOAWAY_BACKEND_IP_HEADER=""
-ENV GOAWAY_JWT_PRIVATE_KEY_SEED=""
 ENV GOAWAY_BACKEND=""
 ENV GOAWAY_ACME_AUTOCERT=""
 ENV GOAWAY_CACHE="/cache"
@@ -66,6 +65,6 @@ EXPOSE 8080/udp
 EXPOSE 9090/tcp
 EXPOSE 6060/tcp
 
-ENV JWT_PRIVATE_KEY_SEED="${GOAWAY_JWT_PRIVATE_KEY_SEED}"
+# Use GOAWAY_JWT_PRIVATE_KEY_SEED or JWT_PRIVATE_KEY_SEED secret mount to expose this value to docker
 
 ENTRYPOINT ["/docker-entrypoint.sh"]

cmd/go-away/main.go

@@ -154,7 +154,9 @@ func main() {
 	var seed []byte
 
 	var kValue string
-	if kValue = os.Getenv("JWT_PRIVATE_KEY_SEED"); kValue != "" {
+	if kValue = os.Getenv("GOAWAY_JWT_PRIVATE_KEY_SEED"); kValue != "" {
+		// prefer first
+	} else if kValue = os.Getenv("JWT_PRIVATE_KEY_SEED"); kValue != "" {
 
 	} else if *jwtPrivateKeySeed != "" {
 		kValue = *jwtPrivateKeySeed