From bebdd4e6efec33870bb8050254dab8d742dbb1bf Mon Sep 17 00:00:00 2001
From: Amitai Burstein <amitai@gizra.com>
Date: Fri, 9 May 2025 22:45:46 +0300
Subject: [PATCH 1/2] USe env config for the location of the RSA files

---
 Guide/file-storage.markdown | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/Guide/file-storage.markdown b/Guide/file-storage.markdown
index e3b66a48a..626fbd2aa 100644
--- a/Guide/file-storage.markdown
+++ b/Guide/file-storage.markdown
@@ -947,6 +947,16 @@ ssh-keygen -t rsa -b 4096 -m PEM -f ./Config/jwtRS256.key
 openssl rsa -in ./Config/jwtRS256.key -pubout -outform PEM -out ./Config/jwtRS256.key.pub
 ```
 
+Add in the `.envrc` file the location of the newly generated files
+
+
+```bash
+export JWT_PRIVATE_KEY_PATH="./Config/jwtRS256.key";
+export JWT_PUBLIC_KEY_PATH="./Config/jwtRS256.key.pub";
+```
+
+**Note:** Upon deploy to AWS, the files and location will be automatically set for you via the `flake.nix` file.
+
 ```haskell
 -- Config/Config.hs
 import Control.Exception (catch)
@@ -961,8 +971,11 @@ config = do
     -- ...
 
     -- Private and public keys to sign and verify image style URLs.
-    privateKeyContent <- liftIO $ readRsaKeyFromFile "./Config/jwtRS256.key"
-    publicKeyContent <- liftIO $ readRsaKeyFromFile "./Config/jwtRS256.key.pub"
+    privateKeyFilePath <- env @FilePath "JWT_PRIVATE_KEY_PATH"
+    publicKeyFilePath <- env @FilePath "JWT_PUBLIC_KEY_PATH"
+
+    privateKeyContent <- liftIO $ readRsaKeyFromFile privateKeyFilePath
+    publicKeyContent <- liftIO $ readRsaKeyFromFile publicKeyFilePath
 
     case (readRsaSecret privateKeyContent, readRsaPublicKey publicKeyContent) of
         (Just privateKey, Just publicKey) -> option $ RsaKeys publicKey privateKey
@@ -971,7 +984,7 @@ config = do
 
 readRsaKeyFromFile :: FilePath -> IO BS.ByteString
 readRsaKeyFromFile path = do
-    catch (BS.readFile path) handleException
+    cControl.Exception.catch (BS.readFile path) handleException
   where
     handleException :: IOError -> IO BS.ByteString
     handleException _ = return BS.empty

From 26ef389d6caf4c27f719cdd901cd58a318652186 Mon Sep 17 00:00:00 2001
From: Amitai Burstein <amitai@gizra.com>
Date: Sat, 10 May 2025 09:49:56 +0300
Subject: [PATCH 2/2] Update Guide/file-storage.markdown

---
 Guide/file-storage.markdown | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Guide/file-storage.markdown b/Guide/file-storage.markdown
index 626fbd2aa..0266373c0 100644
--- a/Guide/file-storage.markdown
+++ b/Guide/file-storage.markdown
@@ -984,7 +984,7 @@ config = do
 
 readRsaKeyFromFile :: FilePath -> IO BS.ByteString
 readRsaKeyFromFile path = do
-    cControl.Exception.catch (BS.readFile path) handleException
+    Control.Exception.catch (BS.readFile path) handleException
   where
     handleException :: IOError -> IO BS.ByteString
     handleException _ = return BS.empty