From 84ddf04b3d85eb75ff7549a7a9435d0096c2c589 Mon Sep 17 00:00:00 2001
From: Micha <michideheld@gmx.de>
Date: Mon, 23 Mar 2026 17:05:43 +0000
Subject: [PATCH] docs/SECRETS_MAP.md aktualisiert

---
 docs/SECRETS_MAP.md | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/docs/SECRETS_MAP.md b/docs/SECRETS_MAP.md
index e69de29..e061906 100644
--- a/docs/SECRETS_MAP.md
+++ b/docs/SECRETS_MAP.md
@@ -0,0 +1,44 @@
+# Secrets Map — Homelab
+
+Dieses Dokument listet alle sensiblen Daten (Passwörter, Tokens, Keys) und deren Speicherorte.
+
+## Grundregeln
+
+- Secrets liegen **niemals im Git-Repository**
+- Speicherort: `/mnt/user/appdata/secrets/`
+- Berechtigungen: `chmod 600`
+- Nutzung in Docker über `_FILE` Variablen
+
+---
+
+## Übersicht
+
+| Service        | Secret | Datei | Status |
+|---------------|--------|------|--------|
+| Vaultwarden   | ADMIN_TOKEN | vaultwarden_admin_token.txt | ⏳ |
+| PostgreSQL    | DB Password | postgres_password.txt | ⏳ |
+| Mealie        | DB Password | mealie_db.txt | ⏳ |
+| Gotify        | User Passwort | gotify_password.txt | ⏳ |
+| DIUN          | Gotify Token | diun_gotify_token.txt | ⏳ |
+| Paperless     | DB Password | paperless_db.txt | ⏳ |
+| Code-Server   | Passwort | code_server_password.txt | ⏳ |
+| Immich        | DB Password | immich_db.txt | ⏳ |
+| Mail-Archiver | DB Passwort | mailarchiver_db.txt | ⏳ |
+| Scanopy       | DB Passwort | scanopy_db.txt | ⏳ |
+
+---
+
+## Pfadstruktur
+
+```text
+/mnt/user/appdata/secrets/
+├── vaultwarden_admin_token.txt
+├── postgres_password.txt
+├── mealie_db.txt
+├── gotify_password.txt
+├── diun_gotify_token.txt
+├── paperless_db.txt
+├── code_server_password.txt
+├── immich_db.txt
+├── mailarchiver_db.txt
+└── scanopy_db.txt
\ No newline at end of file