Auto-update: Sun Feb 2 16:12:46 PST 2025

sij-ai · sij-ai · commit 34fd181ea335 · 2025-02-02T16:12:46.000-08:00
diff --git a/README.md b/README.md
@@ -46,7 +46,22 @@ Add favicon.ico to `static/favicon.ico`
 
 5. Generate initial registration token:
 ```bash
-openssl rand -base64 32 | tr -d '/+=' | head -c 32 > .registration_token
+openssl rand -hex 16 > .registration_token
+```
+
+6. Set up token rotation:
+```bash
+# Copy and configure the token refresh script
+cp example-refresh_token.sh refresh_token.sh
+nano refresh_token.sh  # configure paths for your environment
+
+# Make it executable
+chmod +x refresh_token.sh
+
+# Add to crontab (runs at midnight UTC)
+crontab -e
+# Add this line:
+0 0 * * * /path/to/your/hand_of_morpheus/refresh_token.sh 2>&1
 ```
 
 ## Configuration
@@ -71,15 +86,6 @@ smtp:
 
 You can also customize the subject and body of the email that is sent.
 
-## Token Rotation
-
-Add this to your crontab to rotate the registration token daily at 00:00 UTC:
-
-```bash
-# Edit crontab with: crontab -e
-0 0 * * * openssl rand -base64 32 | tr -d '/+=' | head -c 32 > /path/to/hand_of_morpheus/.registration_token
-```
-
 ## Running the Server
 
 ```bash
@@ -102,26 +108,4 @@ Consider running in a `tmux` session, or creating a system service for it.
 - Regularly backup `registrations.json`
 - Monitor logs for abuse patterns
 
-## Example Conduwuit docker run command
-
-```bash
-docker run -d \
-  -p 127.0.0.1:8448:6167 \
-  -v db:/var/lib/conduwuit/ \
-  -v /path/to/hand_of_morpheus/.registration_token:/registration_token:ro \
-  -e CONDUWUIT_SERVER_NAME="your.domain" \
-  -e CONDUWUIT_DATABASE_PATH="/var/lib/conduwuit/conduwuit.db" \
-  -e CONDUWUIT_DATABASE_BACKUP_PATH="/var/lib/conduwuit/backup" \
-  -e CONDUWUIT_ALLOW_REGISTRATION=true \
-  -e CONDUWUIT_REGISTRATION_TOKEN_FILE="/registration_token" \
-  -e CONDUWUIT_PORT=6167 \
-  -e CONDUWUIT_ADDRESS="0.0.0.0" \
-  -e CONDUWUIT_NEW_USER_DISPLAYNAME_SUFFIX="" \
-  -e CONDUWUIT_ALLOW_PUBLIC_ROOM_DIRECTORY_OVER_FEDERATION=true \
-  -e CONDUWUIT_ALLOW_PUBLIC_ROOM_DIRECTORY_WITHOUT_AUTH=true \
-  -e CONDUWUIT_ALLOW_FEDERATION=true \
-  -e CONDUWUIT_AUTO_JOIN_ROOMS='["#community:your.domain","#welcome:your.domain"]' \
-  --name conduwuit \
-  --restart unless-stopped \
-  ghcr.io/girlbossceo/conduwuit:v0.5.0-rc2-e5049cae4a3890dc5f61ead53281f23b36bf4c97
-  ```
+The included `refresh_token.sh` script handles both token rotation and conduwuit container management. Review and adjust its settings before use.
