Files
homelab-configs/.gitignore
T
tommy 0be9ae426b homepage: read HA token from env var; stop committing it in plaintext
services.yaml now references key: "{{HOMEPAGE_VAR_HASS_TOKEN}}" instead of
the inline long-lived HA JWT (which was exposed in this public-fronted repo
and has been rotated + revoked). Secret now lives only in observability/.env
(untracked, mode 600). Add .gitignore for .env/secrets so this can't recur.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-27 22:01:27 -05:00

14 lines
152 B
Plaintext

# Secrets / credentials — never commit
.env
.env.*
*.env
secrets.yaml
secrets.yml
secrets.*.yaml
*.key
*.pem
*.crt
credentials
*credentials*
*.secret