Skip to content

Mercure

Jump to bottom Edit New page
Beau Barker edited this page Nov 7, 2025 · 11 revisions

Mercure is a protocol that enables reliable and efficient updates to web browsers and other HTTP clients, via Server-Sent Events.

1. JWT Secret

Note

Mercure should use different JWT secrets than the one used in Caddy and PostgREST.

Generate secrets for both publishing and subscribing (these keys are required whether you're using them or not):

openssl rand -hex 32

Put the secrets in the environment file:

app/.env

MERCURE_PUBLISHER_KEY=(publisher secret)
MERCURE_SUBSCRIBER_KEY=(subscriber secret)

Add the secrets and other settings to the Compose file:

app/compose.yaml

mercure:
  image: dunglas/mercure:v0.19
  environment:
    SERVER_NAME: ":80"
    MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_PUBLISHER_JWT_KEY:?} # Required even if unused
    MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_SUBSCRIBER_JWT_KEY:?} # Required even if unused
    MERCURE_CORS_ALLOWED_ORIGINS: "*" # Sets CORS Access-Control-Allow-Origin for all requests
    MERCURE_PUBLISH_ALLOWED_ORIGINS: "http://postgres" # Restricts which origins can send POST (publish)
    # MERCURE_ANONYMOUS: "1" # Allow public subscribing - does not work for me
    MERCURE_EXTRA_DIRECTIVES: anonymous # Works

Caddy

Add a route for subscribing:

app/caddy/Caddyfile

# Allow subscribing to /jobs
route /jobs* {
  @sse method GET
  reverse_proxy @sse mercure:80
  respond @sse "Invalid method" 405
}
Add a custom footer
Add a custom sidebar

Clone this wiki locally