Open taoeffect opened 9 years ago
Actually, @PiPeep reminds me that PR #35 gets rid of the default private key, so we're good on not being negligent, but we still need to fetch the user's key from a top-level secrets
folder.
Note that these files shouldn't remain on the server:
So, related to al3x/sovereign#251, and related to my comment here (which i'll quote here):
Also worth doing, as part of this issue or a separate one, moving
roles/common/files/wildcard_private.key
(the user's key) to a top level folder calledsecrets
instead of buried within the roles.So this is a two parter:
.key
and.crt
into "the right place" on the server, and make that place a single folder so that it's easy to re-generate keys by simply deleting it.secrets
folder in this repo at the top level and tell users to put their private key. It's best to not distribute a "default key" the way sovereign is currently doing, as that is ... how you say... something that people should be sued over (default passwords = negligence).