2025-12-25 20:32:07 +00:00
|
|
|
# Example secrets file - DO NOT COMMIT REAL SECRETS
|
|
|
|
|
# Copy this file to secrets.yaml and fill in real values
|
|
|
|
|
# Then use: kubectl create secret generic veza-secrets --from-env-file=secrets.yaml -n veza-production
|
2025-12-25 20:38:32 +00:00
|
|
|
#
|
|
|
|
|
# For production, consider using External Secrets Operator with Vault/AWS/GCP
|
|
|
|
|
# See k8s/secrets/README.md for more information
|
2025-12-25 20:32:07 +00:00
|
|
|
|
|
|
|
|
apiVersion: v1
|
|
|
|
|
kind: Secret
|
|
|
|
|
metadata:
|
|
|
|
|
name: veza-secrets
|
2025-12-25 20:38:32 +00:00
|
|
|
namespace: veza-production # Change to veza-development or veza-staging as needed
|
2025-12-25 20:32:07 +00:00
|
|
|
type: Opaque
|
|
|
|
|
stringData:
|
2025-12-25 20:38:32 +00:00
|
|
|
# Required secrets for all services
|
2025-12-25 20:32:07 +00:00
|
|
|
database-url: "postgresql://user:password@postgres:5432/veza?sslmode=require"
|
|
|
|
|
redis-url: "redis://redis:6379/0"
|
|
|
|
|
jwt-secret: "your-jwt-secret-key-min-32-chars-long"
|
2025-12-25 20:38:32 +00:00
|
|
|
|
|
|
|
|
# Backend API additional secrets
|
|
|
|
|
stripe-api-key: "sk_live_your_stripe_api_key"
|
|
|
|
|
stripe-webhook-secret: "whsec_your_webhook_secret"
|
|
|
|
|
smtp-password: "your_smtp_password"
|
|
|
|
|
s3-access-key: "your_aws_access_key"
|
|
|
|
|
s3-secret-key: "your_aws_secret_key"
|
|
|
|
|
|
|
|
|
|
# Chat Server secrets
|
|
|
|
|
chat-server-secret: "your_chat_server_secret"
|
|
|
|
|
|
|
|
|
|
# Stream Server secrets
|
|
|
|
|
stream-server-secret: "your_stream_server_secret"
|
2025-12-25 20:32:07 +00:00
|
|
|
|
