# Banatie Production Secrets # ========================== # NEVER COMMIT THIS FILE TO GIT! # # Copy this file to secrets.env and generate real values # Location on VPS: /opt/banatie/secrets.env # Permissions: chmod 600 secrets.env # # Last Updated: December 23, 2025 # ---------------------------------------- # PostgreSQL Secrets # ---------------------------------------- # Generate: openssl rand -base64 32 | tr -d '\n\r ' POSTGRES_PASSWORD= # ---------------------------------------- # MinIO Root Credentials # ---------------------------------------- # Root user for MinIO admin console MINIO_ROOT_USER=banatie_admin # Generate: openssl rand -base64 32 | tr -d '\n\r ' MINIO_ROOT_PASSWORD= # ---------------------------------------- # MinIO Service Account # ---------------------------------------- # Service account for API access to MinIO MINIO_ACCESS_KEY=banatie_service # Generate: openssl rand -base64 32 | tr -d '\n\r ' MINIO_SECRET_KEY= # ---------------------------------------- # API Secrets # ---------------------------------------- # Google Gemini API key for image generation # Get from: https://aistudio.google.com/app/apikey GEMINI_API_KEY= # JWT secret for token signing # Generate: openssl rand -base64 64 | tr -d '\n\r ' JWT_SECRET= # Session secret for Express sessions # Generate: openssl rand -base64 32 | tr -d '\n\r ' SESSION_SECRET= # ---------------------------------------- # Quick Generation Script # ---------------------------------------- # Run this to generate all secrets: # # echo "POSTGRES_PASSWORD=$(openssl rand -base64 32 | tr -d '\n\r ')" # echo "MINIO_ROOT_USER=banatie_admin" # echo "MINIO_ROOT_PASSWORD=$(openssl rand -base64 32 | tr -d '\n\r ')" # echo "MINIO_ACCESS_KEY=banatie_service" # echo "MINIO_SECRET_KEY=$(openssl rand -base64 32 | tr -d '\n\r ')" # echo "JWT_SECRET=$(openssl rand -base64 64 | tr -d '\n\r ')" # echo "SESSION_SECRET=$(openssl rand -base64 32 | tr -d '\n\r ')" # echo "GEMINI_API_KEY="