{"__v":7,"_id":"56ce22c249abf10b0036a3e0","category":{"__v":1,"_id":"56cedc8ce50c9c1b00830423","pages":["56d763c2693ef41d0003abec"],"project":"552829408962f339009a678d","version":"552829408962f339009a6790","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2016-02-25T10:50:52.142Z","from_sync":false,"order":8,"slug":"server-configuration","title":"Server Configuration"},"parentDoc":null,"project":"552829408962f339009a678d","user":"55282916d9e1db2d00cd923c","version":{"__v":26,"_id":"552829408962f339009a6790","project":"552829408962f339009a678d","createdAt":"2015-04-10T19:49:20.516Z","releaseDate":"2015-04-10T19:49:20.516Z","categories":["552829418962f339009a6791","55284ed68962f339009a67e1","55286c73391a362500d9b3f4","552918f6b316811900149f59","5529b255d739240d00a3483e","553287590a578a0d008d4ff5","55329385e7d1fa0d003fc946","5550b55200420e0d00d1312f","55525fca953c9c0d00f507d7","559199695631432f002d358a","559d8d96980b801700d5ec7e","55c5e833cccdeb2d004e24b9","55d76504f662951900fc0e7d","55ea213cc62aa02f008229cd","56157b750f5ed00d00483dd8","561981fbac0924170069f4e8","561b8b1ea430930d0037ea67","563417428b86331700b488ca","56cd785bface161300dae0ec","56cdcc6e70db8a15006395f4","56cdf1b749abf10b0036a34a","56cedc8ce50c9c1b00830423","56e97ba8d825061900d1ac83","570d505228e6900e00477229","573614ca2ab52e1700c8e851","57d556a2496a3117004d70cf"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":["57f6ae392da80e2000790897","5824d00935d1dd3700046b87"],"next":{"pages":[],"description":""},"createdAt":"2016-02-24T21:38:10.023Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":0,"body":"[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Generating secret\"\n}\n[/block]\nYou need to specify `secret` in your server.conf. `secret` is random string, you can generate one with random.org, here is link to generate suitable key: [Generate key](https://www.random.org/strings/?num=2&len=20&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new)\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Generating server keys\"\n}\n[/block]\nFor secure communications Actor Server have to be configured with Curve25519 keys. \nWe will use `actor-cli` to generate them.\n\nIf you installed Actor server via auto install script/debian package, execute following commands:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"sudo mkdir -p /usr/share/actor/keys\\nsudo actor-cli key -c -o /usr/share/actor/keys/actor-key\\nsudo chown -R actor:actor /usr/share/actor/keys\",\n      \"language\": \"shell\"\n    }\n  ]\n}\n[/block]\nIf you installed Actor server in distribution different from Ubuntu, execute following commands:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"sudo mkdir -p ~/actor-keys\\nsudo actor-cli key -c -o ~/actor-keys/actor-key\\nsudo chown -R <your_system_user>:<your_system_user> ~/actor-keys\",\n      \"language\": \"shell\"\n    }\n  ]\n}\n[/block]\nWhen key generation complete, you will have output similar to following one. Paths will depend on path you passed to cli:\n\n```\nCreated file:///usr/share/actor/keys/actor-key.pub and file:///usr/share/actor/keys/actor-key.private\nYou need to add the following to your server.conf:\n\nmodules: {\n  # ... other modules\n  security {\n  # ... other settings\n    server-keys: [\n    # ... other server keys\n      {\n        public: \"/usr/share/actor/keys/actor-key.pub\"\n        private: \"/usr/share/actor/keys/actor-key.private\"\n      }\n    ]\n  }\n}\n```\n\nHere is part you must put in your server.conf file:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"modules: {\\n  security {\\n    server-keys: [\\n      {\\n        public: \\\"/usr/share/actor/keys/actor-key.pub\\\"\\n        private: \\\"/usr/share/actor/keys/actor-key.private\\\"\\n      }\\n    ]\\n  }\\n}\",\n      \"language\": \"text\"\n    }\n  ]\n}\n[/block]","excerpt":"Configure secret and server keys","slug":"securing-server","type":"basic","title":"Securing Server"}

Securing Server

Configure secret and server keys

[block:api-header] { "type": "basic", "title": "Generating secret" } [/block] You need to specify `secret` in your server.conf. `secret` is random string, you can generate one with random.org, here is link to generate suitable key: [Generate key](https://www.random.org/strings/?num=2&len=20&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new) [block:api-header] { "type": "basic", "title": "Generating server keys" } [/block] For secure communications Actor Server have to be configured with Curve25519 keys. We will use `actor-cli` to generate them. If you installed Actor server via auto install script/debian package, execute following commands: [block:code] { "codes": [ { "code": "sudo mkdir -p /usr/share/actor/keys\nsudo actor-cli key -c -o /usr/share/actor/keys/actor-key\nsudo chown -R actor:actor /usr/share/actor/keys", "language": "shell" } ] } [/block] If you installed Actor server in distribution different from Ubuntu, execute following commands: [block:code] { "codes": [ { "code": "sudo mkdir -p ~/actor-keys\nsudo actor-cli key -c -o ~/actor-keys/actor-key\nsudo chown -R <your_system_user>:<your_system_user> ~/actor-keys", "language": "shell" } ] } [/block] When key generation complete, you will have output similar to following one. Paths will depend on path you passed to cli: ``` Created file:///usr/share/actor/keys/actor-key.pub and file:///usr/share/actor/keys/actor-key.private You need to add the following to your server.conf: modules: { # ... other modules security { # ... other settings server-keys: [ # ... other server keys { public: "/usr/share/actor/keys/actor-key.pub" private: "/usr/share/actor/keys/actor-key.private" } ] } } ``` Here is part you must put in your server.conf file: [block:code] { "codes": [ { "code": "modules: {\n security {\n server-keys: [\n {\n public: \"/usr/share/actor/keys/actor-key.pub\"\n private: \"/usr/share/actor/keys/actor-key.private\"\n }\n ]\n }\n}", "language": "text" } ] } [/block]