docs/SECRETS_MAP.md aktualisiert

2026-03-23 17:05:43 +00:00
parent 7a7df8f12c
commit 84ddf04b3d
1 changed files with 44 additions and 0 deletions
@@ -0,0 +1,44 @@
+# Secrets Map — Homelab
+
+Dieses Dokument listet alle sensiblen Daten (Passwörter, Tokens, Keys) und deren Speicherorte.
+
+## Grundregeln
+
+- Secrets liegen **niemals im Git-Repository**
+- Speicherort: `/mnt/user/appdata/secrets/`
+- Berechtigungen: `chmod 600`
+- Nutzung in Docker über `_FILE` Variablen
+
+---
+
+## Übersicht
+
+| Service        | Secret | Datei | Status |
+|---------------|--------|------|--------|
+| Vaultwarden   | ADMIN_TOKEN | vaultwarden_admin_token.txt | ⏳ |
+| PostgreSQL    | DB Password | postgres_password.txt | ⏳ |
+| Mealie        | DB Password | mealie_db.txt | ⏳ |
+| Gotify        | User Passwort | gotify_password.txt | ⏳ |
+| DIUN          | Gotify Token | diun_gotify_token.txt | ⏳ |
+| Paperless     | DB Password | paperless_db.txt | ⏳ |
+| Code-Server   | Passwort | code_server_password.txt | ⏳ |
+| Immich        | DB Password | immich_db.txt | ⏳ |
+| Mail-Archiver | DB Passwort | mailarchiver_db.txt | ⏳ |
+| Scanopy       | DB Passwort | scanopy_db.txt | ⏳ |
+
+---
+
+## Pfadstruktur
+
+```text
+/mnt/user/appdata/secrets/
+├── vaultwarden_admin_token.txt
+├── postgres_password.txt
+├── mealie_db.txt
+├── gotify_password.txt
+├── diun_gotify_token.txt
+├── paperless_db.txt
+├── code_server_password.txt
+├── immich_db.txt
+├── mailarchiver_db.txt
+└── scanopy_db.txt