--- server.conf.in.orig	2017-10-24 17:32:49.929715267 -0400
+++ server.conf.in	2017-10-24 17:52:14.557079287 -0400
@@ -70,13 +70,13 @@
 ; Session secret to use for session id generator. 32 or 64 bytes of random data
 ; are recommented (hex encoded). A warning will be logged if hex decode fails.
 ; You can generate a secret easily with "xxd -ps -l 32 -c 32 /dev/random".
-sessionSecret = the-default-secret-do-not-keep-me
+sessionSecret = <SESSION_SECRET>
 ; Encryption secret protecting the data in generated server side tokens. Use
 ; 16, 24, or 32 bytes (hex encoded) to select AES-128, AES-192, or AES-256.
 ; When you change the encryption secret, stored authentications, sessions and
 ; contacts become invalid. A warning will be logged if hex decode fails. You
 ; can generate a secret easily with "xxd -ps -l 32 -c 32 /dev/random".
-encryptionSecret = tne-default-encryption-block-key
+encryptionSecret = <ENCRYPTION_SECRET>
 ; Full path to a text file containig client tokens which a user needs to enter
 ; when accessing the web client. Each line in this file represents a valid
 ; token.
@@ -109,7 +109,7 @@
 ; Server token is a public random string which is used to enhance security of
 ; server generated security tokens. When the serverToken is changed all existing
 ; nonces become invalid. Use 32 or 64 characters (eg. 16 or 32 byte hex).
-serverToken = i-did-not-change-the-public-token-boo
+serverToken = <SERVER_TOKEN>
 ; The server realm is part of the validation chain of tokens and nonces and is
 ; added as suffix to server created user ids if user creation is enabled. When
 ; the realm is changed, all existing tokens and nonces become invalid.