forked from Limework/RediSkript
Make encryption config more informative & some other things
This commit is contained in:
parent
8cda727799
commit
c89e4f1310
@ -17,7 +17,7 @@ public class Encryption {
|
||||
public Encryption(Configuration config){
|
||||
encryptionEnabled = config.getBoolean("Redis.EncryptMessages");
|
||||
if (encryptionEnabled) {
|
||||
// AES-128 encryption
|
||||
// AES encryption
|
||||
encryptionKey = config.getString("Redis.EncryptionKey");
|
||||
macKey = config.getString("Redis.MacKey");
|
||||
}
|
||||
|
@ -2,6 +2,8 @@ Redis:
|
||||
#a secure password that cannot be cracked, please change it!
|
||||
#it is also recommended to firewall your redis server with iptables so it can only be accessed by specific IP addresses
|
||||
Password: "yHy0d2zdBlRmaSPj3CiBwEv5V3XxBTLTrCsGW7ntBnzhfxPxXJS6Q1aTtR6DSfAtCZr2VxWnsungXHTcF94a4bsWEpGAvjL9XMU"
|
||||
#hostname of your redis server, you can use free redis hosting (search for it online) if you do not have the ability to host your own redis server
|
||||
#redis server is very lightweight, takes under 30 MB of RAM usually
|
||||
Host: "127.0.0.1"
|
||||
#must be 2 or higher, if you set to lower, the addon will automatically use 2 as a minimum
|
||||
#do not edit MaxConnections if you do not know what you're doing
|
||||
@ -13,18 +15,28 @@ Redis:
|
||||
#9000 = 9 seconds
|
||||
TimeOut: 9000
|
||||
#also known as SSL, only use this if you're running Redis 6.0.6 or higher, older versions will not work correctly
|
||||
#it encrypts your traffic and makes data exchange between distant servers completely secure
|
||||
#it encrypts your traffic and makes data exchange between distant servers secure
|
||||
useTLS: false
|
||||
#may be useful if you cannot use TLS due to use of older version of Redis
|
||||
#however this will not encrypt the initial authentication password, only the messages sent
|
||||
#it uses AES-128 SIV encryption which is secure enough for this
|
||||
#EncryptMessages may be useful if you cannot use TLS due to use of older version of Redis or if you're paranoid about privacy and want to double encrypt your messages
|
||||
#however this will not encrypt the initial authentication password, only the messages sent (use TLS for initial authentication password encryption)
|
||||
|
||||
#the encryption configuration must be the same across all servers in order to communicate
|
||||
|
||||
#use 16 characters long key for AES-128 encryption
|
||||
#32 characters long key for AES-256 encryption
|
||||
#AES-128 is faster, but less secure (but it is not crackable by today's technology as of 2020, may be crackable by quantum computers)
|
||||
EncryptMessages: true
|
||||
#EncryptionKey and MacKey must be different
|
||||
EncryptionKey: "16CHARACTERS KEY"
|
||||
MacKey: "16CHARACTERS KEY"
|
||||
|
||||
|
||||
#the channels from which this server can receive messages
|
||||
#you can always send messages to all channels!
|
||||
#you can add as many channels as you wish!
|
||||
|
||||
#ideal setup is having one global channel and having one channel that represents server name, so you know who to send messages to
|
||||
#then a few other utility channels up to your needs
|
||||
Channels:
|
||||
- "global"
|
||||
- "servername"
|
||||
|
Loading…
Reference in New Issue
Block a user