expertfab-infra/k8s/gongme/secret.yaml

---
# Application Secret — wird von api-Pod und web-Pod per envFrom geladen.
apiVersion: v1
kind: Secret
metadata:
  name: gongme-env
  namespace: gongme
type: Opaque
stringData:
  # --- Postgres ---
  DATABASE_URL: "postgresql://gongme:gongme-prod-pw-change-me@gongme-postgres:5432/gongme?schema=public"

  # --- NestJS ---
  NODE_ENV: "production"
  PORT: "3001"
  JWT_SECRET: "change-me-random-32-chars-minimum"
  PUBLIC_BASE_URL: "https://gongme.expertfab.de"

  # --- SMTP (bestehendes Relay) ---
  SMTP_HOST: "smtprelay.expertfab.de"
  SMTP_PORT: "587"
  SMTP_USER: "it-admin@expertfab.de"
  SMTP_PASS: "Relay22$$"
  SMTP_FROM: "gongme@expertfab.de"

  # --- Web Push (VAPID) ---
  VAPID_PUBLIC_KEY: "BMFgG85di4U9X-YtbvGxvuwpIS2nNjZCyPzfwMewYs9N38NTQvvDixCHzj2JGe-rCW4jyaO2ZW0DgggB5lH8NI8"
  VAPID_PRIVATE_KEY: "LNd_q9vqUbH5RQUf_tgO_hJWbI3--zuaNaGyjUqfTy8"
  VAPID_SUBJECT: "mailto:it-admin@expertfab.de"

  # --- Next.js (web-Pod) ---
  API_INTERNAL_URL: "http://gongme-api:3001"