Spencer
c93dcb5daf
- Create README.md with project layout and quick start instructions - Implement backup scripts for Gitea, including database and repository exports - Add systemd service and timer for automated Gitea backups - Develop bootstrap scripts for homelab and VPS setup - Document architecture and restore procedures - Configure Caddy reverse proxy and Docker Compose for service management - Establish secrets management guidelines
16 lines
317 B
Markdown
16 lines
317 B
Markdown
# Secrets
|
|
|
|
Do not commit plaintext secrets.
|
|
|
|
## Pattern
|
|
|
|
- Commit encrypted blobs only (`*.age`).
|
|
- Decrypt to `/srv/secrets/*` at bootstrap/runtime.
|
|
- Keep private decryption key outside git.
|
|
|
|
## Expected encrypted files
|
|
|
|
- `tailscale_authkey.age`
|
|
- `gitea_token.age` (optional)
|
|
- `postgres_password.age` (optional)
|