sij/hand_of_morpheus
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Auto-update: Sun Feb 2 16:12:46 PST 2025

Browse source
This commit is contained in:
sanj 2025-02-02 16:12:46 -08:00
parent 2b0ce1d414
commit 34fd181ea3
1 changed files with 17 additions and 33 deletions

50
README.md
View file

@ -46,7 +46,22 @@ Add favicon.ico to `static/favicon.ico`
5. Generate initial registration token: 5. Generate initial registration token:
```bash ```bash
openssl rand -base64 32 | tr -d '/+=' | head -c 32 > .registration_token openssl rand -hex 16 > .registration_token
```
6. Set up token rotation:
```bash
# Copy and configure the token refresh script
cp example-refresh_token.sh refresh_token.sh
nano refresh_token.sh # configure paths for your environment
# Make it executable
chmod +x refresh_token.sh
# Add to crontab (runs at midnight UTC)
crontab -e
# Add this line:
0 0 * * * /path/to/your/hand_of_morpheus/refresh_token.sh 2>&1
``` ```
## Configuration ## Configuration
@ -71,15 +86,6 @@ smtp:
You can also customize the subject and body of the email that is sent. You can also customize the subject and body of the email that is sent.
## Token Rotation
Add this to your crontab to rotate the registration token daily at 00:00 UTC:
```bash
# Edit crontab with: crontab -e
0 0 * * * openssl rand -base64 32 | tr -d '/+=' | head -c 32 > /path/to/hand_of_morpheus/.registration_token
```
## Running the Server ## Running the Server
```bash ```bash
@ -102,26 +108,4 @@ Consider running in a `tmux` session, or creating a system service for it.
- Regularly backup `registrations.json` - Regularly backup `registrations.json`
- Monitor logs for abuse patterns - Monitor logs for abuse patterns
## Example Conduwuit docker run command The included `refresh_token.sh` script handles both token rotation and conduwuit container management. Review and adjust its settings before use.
```bash
docker run -d \
-p 127.0.0.1:8448:6167 \
-v db:/var/lib/conduwuit/ \
-v /path/to/hand_of_morpheus/.registration_token:/registration_token:ro \
-e CONDUWUIT_SERVER_NAME="your.domain" \
-e CONDUWUIT_DATABASE_PATH="/var/lib/conduwuit/conduwuit.db" \
-e CONDUWUIT_DATABASE_BACKUP_PATH="/var/lib/conduwuit/backup" \
-e CONDUWUIT_ALLOW_REGISTRATION=true \
-e CONDUWUIT_REGISTRATION_TOKEN_FILE="/registration_token" \
-e CONDUWUIT_PORT=6167 \
-e CONDUWUIT_ADDRESS="0.0.0.0" \
-e CONDUWUIT_NEW_USER_DISPLAYNAME_SUFFIX="" \
-e CONDUWUIT_ALLOW_PUBLIC_ROOM_DIRECTORY_OVER_FEDERATION=true \
-e CONDUWUIT_ALLOW_PUBLIC_ROOM_DIRECTORY_WITHOUT_AUTH=true \
-e CONDUWUIT_ALLOW_FEDERATION=true \
-e CONDUWUIT_AUTO_JOIN_ROOMS='["#community:your.domain","#welcome:your.domain"]' \
--name conduwuit \
--restart unless-stopped \
ghcr.io/girlbossceo/conduwuit:v0.5.0-rc2-e5049cae4a3890dc5f61ead53281f23b36bf4c97
```