docs: document NEXT_SERVER_ACTIONS_ENCRYPTION_KEY requirement

[tennisleng]

Summary

• add missing NEXT_SERVER_ACTIONS_ENCRYPTION_KEY to the self-hosting README instructions
• document how to generate a secure key so installs don't fail on v3

Testing

• documentation only

Fixes #3695

[vercel]

@tennisleng is attempting to deploy a commit to the umami-software Team on Vercel.

A member of the Team first needs to authorize it.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds documentation for the NEXT_SERVER_ACTIONS_ENCRYPTION_KEY environment variable required by Next.js 15 Server Actions. This addresses issue #3695 where multi-instance deployments (Kubernetes) were failing without this key.

Major changes:

• Added documentation for NEXT_SERVER_ACTIONS_ENCRYPTION_KEY requirement for v3 installations
• Included openssl rand -hex 32 command for generating secure encryption keys

Issues found:

• Character count mismatch: openssl rand -hex 32 generates 64 hex characters, not 32
• Missing update to docker-compose.yml which will have the same issue in multi-container deployments

Confidence Score: 2/5

• This PR is incomplete and needs corrections before merging
• Documentation-only change, but has critical issues: placeholder text is incorrect (32 vs 64 characters), and docker-compose.yml also needs the same env variable to fix the Kubernetes deployment issue mentioned in #3695
• README.md needs corrections, and docker-compose.yml needs to be updated

Important Files Changed

File Analysis

Filename	Score	Overview
README.md	2/5	Added documentation for NEXT_SERVER_ACTIONS_ENCRYPTION_KEY requirement. Found character count mismatch in placeholder and missing update to docker-compose.yml.

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant Docs as README.md
    participant Env as Environment Setup
    participant Docker as docker-compose.yml
    participant K8s as Kubernetes Deployment
    participant Next as Next.js 15

    Dev->>Docs: Read installation instructions
    Docs->>Dev: Configure DATABASE_URL
    Docs->>Dev: Set NEXT_SERVER_ACTIONS_ENCRYPTION_KEY (NEW)
    Dev->>Env: Create .env file with keys
    Dev->>Env: Run openssl rand -hex 32
    Env-->>Dev: Generate 64-char key
    
    alt Docker Deployment
        Dev->>Docker: Use docker-compose up
        Docker->>Next: Pass environment variables
        Note over Docker,Next: ⚠️ Missing NEXT_SERVER_ACTIONS_ENCRYPTION_KEY
    end
    
    alt Kubernetes Deployment
        Dev->>K8s: Deploy multiple instances
        K8s->>Next: Pass environment variables
        Next-->>K8s: ❌ Fails without encryption key
    end
    
    Next->>Next: Validate encryption key
    alt Key Present
        Next-->>Dev: ✓ Application starts successfully
    else Key Missing
        Next-->>Dev: ❌ Server Actions fail
    end

Loading

_{1 file reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

syntax: The command openssl rand -hex 32 generates 64 hex characters, not 32 characters. The placeholder should reflect this.

Prompt To Fix With AI

This is a comment left during a code review.
Path: README.md
Line: 60:60

Comment:
**syntax:** The command `openssl rand -hex 32` generates 64 hex characters, not 32 characters. The placeholder should reflect this.

How can I resolve this? If you propose a fix, please make it concise.

[greptile-apps]

logic: The same env variable should be added to docker-compose.yml:8 since Docker deployments in Kubernetes will have the same issue mentioned in #3695.

Prompt To Fix With AI

This is a comment left during a code review.
Path: README.md
Line: 57:61

Comment:
**logic:** The same env variable should be added to `docker-compose.yml:8` since Docker deployments in Kubernetes will have the same issue mentioned in #3695.

How can I resolve this? If you propose a fix, please make it concise.