60 lines
1.8 KiB
TOML
60 lines
1.8 KiB
TOML
# 🔐 Enhanced Security Configuration for HMAC File Server 3.3.0
|
|
# Advanced security features for network switching and standby recovery
|
|
|
|
[server]
|
|
# Basic server configuration
|
|
listen_address = "8080"
|
|
bind_ip = "0.0.0.0"
|
|
storage_path = "./uploads"
|
|
unix_socket = false
|
|
|
|
# Network resilience features (3.3.0+)
|
|
network_events = true
|
|
client_multi_interface = true
|
|
|
|
[security]
|
|
# HMAC authentication secret (CHANGE THIS IN PRODUCTION!)
|
|
secret = "your-very-secret-hmac-key-change-in-production"
|
|
|
|
# Enhanced Security Features (NEW in 3.3.0)
|
|
enhanced_security = true # Enable enhanced security evaluation
|
|
challenge_on_network_change = true # Require challenge-response on network change
|
|
reauth_on_long_standby = true # Require full re-auth after long standby
|
|
standby_threshold_minutes = 30 # Minutes to detect standby
|
|
long_standby_threshold_hours = 2 # Hours to require full re-auth
|
|
|
|
# JWT configuration (optional)
|
|
enablejwt = false
|
|
jwtsecret = "your-256-bit-jwt-secret-key-change-this"
|
|
|
|
[sessionstore]
|
|
# Session storage for network switching
|
|
enabled = true
|
|
backend = "memory" # Options: memory, redis
|
|
expiry_hours = 72 # Maximum session age
|
|
cleanup_interval_minutes = 60 # Cleanup frequency
|
|
|
|
# Redis backend (if using redis)
|
|
# redis_url = "redis://localhost:6379/0"
|
|
|
|
[uploads]
|
|
# File upload configuration
|
|
max_file_size = "100MB"
|
|
allowed_extensions = [".txt", ".pdf", ".jpg", ".png", ".mp4", ".mkv"]
|
|
dedupe = true
|
|
|
|
[downloads]
|
|
# File download configuration
|
|
max_file_size = "100MB"
|
|
allowed_extensions = [".txt", ".pdf", ".jpg", ".png", ".mp4", ".mkv"]
|
|
chunked_downloads_enabled = true
|
|
chunk_size = "1MB"
|
|
|
|
[logging]
|
|
# Logging configuration
|
|
level = "info"
|
|
file = "/var/log/hmac-file-server/enhanced-security.log"
|
|
|
|
[build]
|
|
version = "3.3.0"
|