- Generate shared CA during core deployment for consistent trust across servers
- Modify setup_docker_tls() to use shared CA instead of per-server CAs
- Update share_certs_with_core() to copy shared CA from core server
- Re-enable TLS verification (DOCKER_TLS_VERIFY=1) in Sablier
- Fix Sablier certificate mounting for proper TLS connection
- Add docker-tls/ to .gitignore to prevent certificate leaks
- Update documentation for shared CA approach
95 lines
1.1 KiB
Plaintext
# Environment variables and secrets
.env
*.env
!.env.example

# Config directories with sensitive data
config/*/secrets/
config/*/*.key
config/*/*.pem
config/*/*.crt
config/*/db/

# Backup files
*.backup
*.bak
backups/

# OS files
.DS_Store
Thumbs.db
*.swp
*.swo
*~

# Editor files
.vscode/
.idea/
*.sublime-*

# Logs
*.log
logs/

# Temporary files
tmp/
temp/
*.tmp

# Docker volumes (if locally mounted)
volumes/

# Documentation builds
docs/_build/
docs/.doctrees/

# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
venv/
env/

# Node
node_modules/
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# Database files
*.sqlite
*.db

# Certificates and keys
*.pem
*.key
*.crt
*.cer
*.p12
*.pfx
acme.json

# Docker TLS certificates directory
docker-tls/

# Nextcloud application files (should be mounted via volumes)
docker-compose/productivity/nextcloud/html/

# Wiki working directories (temporary)
wiki-*/
wiki-repo/

# Monitoring data (if stored locally)
prometheus-data/
grafana-data/
loki-data/
# Service data directories (databases, logs, configs)
**/config/db/
**/data/
**/logs/
**/settings.json
**/*.key
**/*.pem