# Secrets Map — Homelab

Dieses Dokument listet alle sensiblen Daten (Passwörter, Tokens, Keys) und deren Speicherorte.

## Grundregeln

- Secrets liegen **niemals im Git-Repository**
- Speicherort: `/mnt/user/appdata/secrets/`
- Berechtigungen: `chmod 600`
- Nutzung in Docker über `_FILE` Variablen

---

## Übersicht

| Service        | Secret | Datei | Status |
|---------------|--------|------|--------|
| Vaultwarden   | ADMIN_TOKEN | vaultwarden_admin_token.txt | ⏳ |
| PostgreSQL    | DB Password | postgres_password.txt | ⏳ |
| Mealie        | DB Password | mealie_db.txt | ⏳ |
| Gotify        | User Passwort | gotify_password.txt | ⏳ |
| DIUN          | Gotify Token | diun_gotify_token.txt | ⏳ |
| Paperless     | DB Password | paperless_db.txt | ⏳ |
| Code-Server   | Passwort | code_server_password.txt | ⏳ |
| Immich        | DB Password | immich_db.txt | ⏳ |
| Mail-Archiver | DB Passwort | mailarchiver_db.txt | ⏳ |
| Scanopy       | DB Passwort | scanopy_db.txt | ⏳ |

---

## Pfadstruktur

```text
/mnt/user/appdata/secrets/
├── vaultwarden_admin_token.txt
├── postgres_password.txt
├── mealie_db.txt
├── gotify_password.txt
├── diun_gotify_token.txt
├── paperless_db.txt
├── code_server_password.txt
├── immich_db.txt
├── mailarchiver_db.txt
└── scanopy_db.txt