senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/k8s/secrets.yaml.example
senke 2aea1af361 docs(J2): align docs with reality — rewrite CLAUDE.md, fix README, purge chat-server refs 
Completes Day 2 of the v1.0.3 → v1.0.4 cleanup sprint. The documentation
now describes the actual repo layout instead of a fictional one.

CLAUDE.md — complete rewrite
  Old version referenced paths that don't exist and a protocol aimed at
  implementing v0.11.0 (current tag: v1.0.3). The agent was following a
  map for a city that had been rebuilt.
  - backend/        → veza-backend-api/
  - frontend/       → apps/web/
  - ORIGIN/ (root)  → veza-docs/ORIGIN/
  - veza-chat-server → merged into backend-api (v0.502, commit 279a10d31)
  - apps/desktop/   → never existed
  Also refreshed: stack versions (Go 1.25, Vite 5, React 18.2, Axum 0.8),
  commands, conventions, hook bypasses (SKIP_TYPES/SKIP_TESTS/SKIP_E2E),
  scope rules kept as immutable (no AI/ML, no Web3, no gamification, no
  dark patterns, no public popularity metrics).

README.md — targeted fixes
  - "Version cible: v0.101" → "Version courante: v1.0.4"
  - "Development Setup (v0.9.3)" → "Development Setup"
  - Removed Desktop (Electron) section — never implemented
  - Removed veza-chat-server from structure — merged into backend
  - Removed deprecated compose files section (nothing is DEPRECATED now)

k8s runbooks — remove stale chat-server references
  The disaster-recovery runbooks still scaled/restarted a deployment
  that no longer exists. In a real failover these commands would have
  failed silently and blocked the procedure. Files patched:
    - k8s/disaster-recovery/runbooks/cluster-failover.md
    - k8s/disaster-recovery/runbooks/data-restore.md
    - k8s/disaster-recovery/runbooks/database-failover.md
    - k8s/disaster-recovery/runbooks/rollback-procedure.md
    - k8s/network-policies/README.md
    - k8s/secrets/README.md
    - k8s/secrets.yaml.example
  Each reference is replaced by a short inline note pointing to v0.502
  (commit 279a10d31) so future readers understand the history.

.env.example — remove CHAT_JWT_SECRET
  Legacy env var for the deleted chat server. Replaced by an explanatory
  comment.

Not in this commit (user handles on Forgejo):
  - Closing the 5 open dependabot PRs on veza-chat-server/* branches
  - Deleting those 5 remote branches after the PRs are closed

Refs: AUDIT_REPORT.md §5.1, §7.1, §10 P1, §10 P4
2026-04-14 17:23:50 +02:00

32 lines
1.2 KiB
Text
Raw Blame History

# Example secrets file - DO NOT COMMIT REAL SECRETS
# Copy this file to secrets.yaml and fill in real values
# Then use: kubectl create secret generic veza-secrets --from-env-file=secrets.yaml -n veza-production
#
# For production, consider using External Secrets Operator with Vault/AWS/GCP
# See k8s/secrets/README.md for more information
apiVersion: v1
kind: Secret
metadata:
name: veza-secrets
namespace: veza-production # Change to veza-development or veza-staging as needed
type: Opaque
stringData:
# Required secrets for all services
database-url: "postgresql://user:password@postgres:5432/veza?sslmode=require"
redis-url: "redis://redis:6379/0"
jwt-secret: "your-jwt-secret-key-min-32-chars-long"
# Backend API additional secrets
stripe-api-key: "sk_live_your_stripe_api_key"
stripe-webhook-secret: "whsec_your_webhook_secret"
smtp-password: "your_smtp_password"
s3-access-key: "your_aws_access_key"
s3-secret-key: "your_aws_secret_key"
# Chat: merged into backend-api since v0.502 (commit 05d02386d)
# Reuses the shared JWT secret — no separate chat-server secret.
# Stream Server secrets
stream-server-secret: "your_stream_server_secret"
Reference in a new issue View git blame Copy permalink