I had the thought that I could maybe optionally encrypt config.go, so that's impossible for someone to read without the encryption key and potentially get the database credentials for a site.
The encryption key could be passed into the Gosora process when it starts and it could decrypt the file in-memory. Alternatively, could just pass the database parameters to it at start-up.
There may end up being secrets in there other than the database and it may get lengthy however.
The encryption key could be passed into the Gosora process when it starts and it could decrypt the file in-memory. Alternatively, could just pass the database parameters to it at start-up.
There may end up being secrets in there other than the database and it may get lengthy however.