0be9ae426b
services.yaml now references key: "{{HOMEPAGE_VAR_HASS_TOKEN}}" instead of
the inline long-lived HA JWT (which was exposed in this public-fronted repo
and has been rotated + revoked). Secret now lives only in observability/.env
(untracked, mode 600). Add .gitignore for .env/secrets so this can't recur.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
14 lines
152 B
Plaintext
14 lines
152 B
Plaintext
# Secrets / credentials — never commit
|
|
.env
|
|
.env.*
|
|
*.env
|
|
secrets.yaml
|
|
secrets.yml
|
|
secrets.*.yaml
|
|
*.key
|
|
*.pem
|
|
*.crt
|
|
credentials
|
|
*credentials*
|
|
*.secret
|