28 lines
1.6 KiB
Diff
28 lines
1.6 KiB
Diff
|
--- server.conf.in.orig 2017-10-24 17:32:49.929715267 -0400
|
||
|
+++ server.conf.in 2017-10-24 17:52:14.557079287 -0400
|
||
|
@@ -70,13 +70,13 @@
|
||
|
; Session secret to use for session id generator. 32 or 64 bytes of random data
|
||
|
; are recommented (hex encoded). A warning will be logged if hex decode fails.
|
||
|
; You can generate a secret easily with "xxd -ps -l 32 -c 32 /dev/random".
|
||
|
-sessionSecret = the-default-secret-do-not-keep-me
|
||
|
+sessionSecret = <SESSION_SECRET>
|
||
|
; Encryption secret protecting the data in generated server side tokens. Use
|
||
|
; 16, 24, or 32 bytes (hex encoded) to select AES-128, AES-192, or AES-256.
|
||
|
; When you change the encryption secret, stored authentications, sessions and
|
||
|
; contacts become invalid. A warning will be logged if hex decode fails. You
|
||
|
; can generate a secret easily with "xxd -ps -l 32 -c 32 /dev/random".
|
||
|
-encryptionSecret = tne-default-encryption-block-key
|
||
|
+encryptionSecret = <ENCRYPTION_SECRET>
|
||
|
; Full path to a text file containig client tokens which a user needs to enter
|
||
|
; when accessing the web client. Each line in this file represents a valid
|
||
|
; token.
|
||
|
@@ -109,7 +109,7 @@
|
||
|
; Server token is a public random string which is used to enhance security of
|
||
|
; server generated security tokens. When the serverToken is changed all existing
|
||
|
; nonces become invalid. Use 32 or 64 characters (eg. 16 or 32 byte hex).
|
||
|
-serverToken = i-did-not-change-the-public-token-boo
|
||
|
+serverToken = <SERVER_TOKEN>
|
||
|
; The server realm is part of the validation chain of tokens and nonces and is
|
||
|
; added as suffix to server created user ids if user creation is enabled. When
|
||
|
; the realm is changed, all existing tokens and nonces become invalid.
|