GuestNo new alerts

Encrypted Config Files?

- General17
 
I had the thought that I could maybe optionally encrypt config.go, so that's impossible for someone to read without the encryption key and potentially get the database credentials for a site.

The encryption key could be passed into the Gosora process when it starts and it could decrypt the file in-memory. Alternatively, could just pass the database parameters to it at start-up.

There may end up being secrets in there other than the database and it may get lengthy however.