From 1440c48191f27e44c2dc6115cb12db99c4d8d44c Mon Sep 17 00:00:00 2001
From: Robert <Robert@TryingToScale.com>
Date: Sat, 5 Jul 2025 11:36:30 -0400
Subject: [PATCH] /etc...

---
 README           | 10 +++++++++-
 cliVault.service |  8 ++++----
 default.yaml     |  1 +
 server.go        |  4 ++--
 4 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/README b/README
index fba88ae..4b2e3bc 100644
--- a/README
+++ b/README
@@ -1,20 +1,28 @@
 ```
 go get github.com/mattn/go-sqlite3
 go get golang.org/x/crypto/bcrypt
+go get gopkg.in/yaml.v2
 go mod download golang.org/x/term
 go mod tidy
 
 go run keygen.go
 go run chaKey.go
 nano default.yaml
-cp default.yaml config.yaml
+
+sudo mkdir /etc/cliVault
+sudo mv encrypted_aes_key.pem /etc/cliVault/
+sudo cp default.yaml /etc/cliVault/config.yaml
 
 sudo apt install gcc
 CGO_ENABLED=1 go build -o cliVault server.go
+sudo cp cliVault /usr/local/bin/
 ```
 
 ## Systemd Unit file:
 ```
+nano cliVault.service
+<Edit USERNAME to be your user>
+
 sudo cp cliVault.service /etc/systemd/system/
 sudo systemctl daemon-reload
 sudo systemctl enable cliVault
diff --git a/cliVault.service b/cliVault.service
index fcda2f1..e22bd86 100644
--- a/cliVault.service
+++ b/cliVault.service
@@ -7,16 +7,16 @@ Type=simple
 # REPLACE all USERNAME with actual user
 User=USERNAME
 Group=USERNAME
-WorkingDirectory=/home/USERNAME/cliVault
-ExecStart=/home/USERNAME/cliVault/cliVault
+WorkingDirectory=/etc/cliVault
+ExecStart=/usr/local/bin/cliVault
 Restart=on-failure
 RestartSec=5s
 
 # Security restrictions
 PrivateTmp=true
 ProtectSystem=strict
-ProtectHome=false
-ReadWritePaths=/home/USERNAME/cliVault
+ProtectHome=true
+ReadWritePaths=/etc/cliVault
 NoNewPrivileges=true
 PrivateDevices=true
 ProtectKernelTunables=true
diff --git a/default.yaml b/default.yaml
index 17e97ed..4e24b82 100644
--- a/default.yaml
+++ b/default.yaml
@@ -1,3 +1,4 @@
+AllowRegistration: true
 auth:
   ChaKey: "b107568bf716da40f5f17fea0e6608816020118d2c10b488ef9777b3d626126f"
   PEM: "encrypted_aes_key.pem"
diff --git a/server.go b/server.go
index 1f25ee0..b6d10a8 100644
--- a/server.go
+++ b/server.go
@@ -26,10 +26,10 @@ import (
     _ "github.com/mattn/go-sqlite3"
 )
 
-const AllowRegistration = true // Disable after users are added!
 var ChaKey = []byte("")
 
 type Config struct {
+    AllowRegistration bool `yaml:"AllowRegistration"`
 	Auth struct {
 		ChaKey string `yaml:"ChaKey"`
         PEM    string `yaml:"PEM"`
@@ -357,7 +357,7 @@ func handleConnection(conn net.Conn, db *sql.DB) {
     }
 
     if req.Operation == "register" {
-        if AllowRegistration == false {
+        if config.AllowRegistration == false {
             enc.Encode(Response{Message: "Registration Disabled!", Enc: ""})
             return
         }