-
Notifications
You must be signed in to change notification settings - Fork 0
Mercure
Beau Barker edited this page Aug 13, 2025
·
8 revisions
Mercure is a protocol that enables reliable and efficient updates to web browsers and other HTTP clients, via Server-Sent Events.
Note
Mercure should use different JWT secrets than the one used in Caddy and PostgREST.
Generate secrets for both publishing and subscribing (these keys are required whether you're using them or not):
openssl rand -base64 32Put the secrets in the environment file:
.env
MERCURE_PUBLISHER_KEY=(publisher secret)
MERCURE_SUBSCRIBER_KEY=(subscriber secret)Caution
The .env file is for development only. Never store real secrets in plain
text in production.
Add the secrets and other settings to the Compose file:
compose.yaml
mercure:
image: dunglas/mercure:v0.19
environment:
SERVER_NAME: ":80"
MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_PUBLISHER_JWT_KEY:?} # Required even if unused
MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_SUBSCRIBER_JWT_KEY:?} # Required even if unused
MERCURE_CORS_ALLOWED_ORIGINS: "*" # Sets CORS Access-Control-Allow-Origin for all requests
MERCURE_PUBLISH_ALLOWED_ORIGINS: "http://postgres" # Restricts which origins can send POST (publish)
# MERCURE_ANONYMOUS: "1" # Allow public subscribing - does not work for me
MERCURE_EXTRA_DIRECTIVES: anonymous # WorksAdd a route for subscribing:
caddy/Caddyfile
# Allow subscribing to /jobs
route /jobs* {
@sse method GET
reverse_proxy @sse mercure:80
respond @sse "Invalid method" 405
}