feat: kompose secrets
This commit is contained in:
@@ -2,50 +2,85 @@
|
||||
# KOMPOSE - Secrets Configuration
|
||||
# ===================================================================
|
||||
# This file contains SENSITIVE data and should NOT be committed to git.
|
||||
# Add secrets.env to your .gitignore file!
|
||||
# Ensure secrets.env is in your .gitignore file!
|
||||
#
|
||||
# Generate random secrets with: ./kompose.sh --generate-secrets
|
||||
# Generate random secrets with: ./kompose.sh secrets generate
|
||||
# List all secrets with: ./kompose.sh secrets list
|
||||
# Validate configuration: ./kompose.sh secrets validate
|
||||
# Rotate a secret: ./kompose.sh secrets rotate SECRET_NAME
|
||||
# ===================================================================
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# Database Passwords (Shared)
|
||||
# Shared Database Secrets
|
||||
# -------------------------------------------------------------------
|
||||
DB_PASSWORD=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# Admin Passwords
|
||||
# Shared Admin Secrets
|
||||
# -------------------------------------------------------------------
|
||||
ADMIN_PASSWORD=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# Email/SMTP Passwords
|
||||
# Shared Email/SMTP Secrets
|
||||
# -------------------------------------------------------------------
|
||||
EMAIL_SMTP_PASSWORD=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# AUTH Stack Secrets (Keycloak)
|
||||
# Scope: auth.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
AUTH_KC_ADMIN_PASSWORD=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# TRACK Stack Secrets (Umami)
|
||||
# CODE Stack Secrets (Gitea)
|
||||
# Scope: code.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
CODE_RUNNER_TOKEN=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# AUTO Stack Secrets (n8n)
|
||||
# Scope: auto.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
AUTO_ENCRYPTION_KEY=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# SEXY Stack Secrets (Directus)
|
||||
# Scope: sexy.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
SEXY_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
SEXY_ADMIN_PASSWORD=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# DASH Stack Secrets (NextAuth)
|
||||
# Scope: dash.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
DASH_NEXTAUTH_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# NEWS Stack Secrets (Letterspace)
|
||||
# Scope: news.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
NEWS_JWT_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# TRACK Stack Secrets (Umami)
|
||||
# Scope: umami.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
# APP_SECRET for Umami (64 character hex string)
|
||||
TRACK_APP_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# Add more stack secrets below (scope them with stack name)
|
||||
# CHAT Stack Secrets
|
||||
# Scope: chat.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
# BLOG_SECRET_KEY=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# CHAT_ENCRYPTION_KEY=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# DATA_DIRECTUS_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# CODE_GITEA_RUNNER_TOKEN=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# etc...
|
||||
|
||||
# Example secrets from your current .env that should be scoped:
|
||||
# GITEA_RUNNER_REGISTRATION_TOKEN=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# NEXTAUTH_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# JWT_TOKEN=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# N8N_ENCRYPTION_KEY=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# DIRECTUS_SECRET=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# PASSWORD_HASH=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
# -------------------------------------------------------------------
|
||||
# VAULT Stack Secrets (Vaultwarden)
|
||||
# Scope: vault.pivoine.art
|
||||
# -------------------------------------------------------------------
|
||||
# VAULT_ADMIN_TOKEN=CHANGE_ME_GENERATE_WITH_KOMPOSE
|
||||
|
||||
# -------------------------------------------------------------------
|
||||
# Additional Stack Secrets
|
||||
# Follow the naming convention: STACKNAME_SECRET_PURPOSE
|
||||
# -------------------------------------------------------------------
|
||||
|
||||
Reference in New Issue
Block a user