apiVersion: v1 kind: Secret metadata: name: lionsdev-client-secrets namespace: lions-apps labels: app: lionsdev-client app.kubernetes.io/name: lionsdev-client app.kubernetes.io/part-of: lions-infrastructure app.kubernetes.io/managed-by: lionsctl annotations: vault.hashicorp.com/agent-inject: "true" vault.hashicorp.com/role: "lionsdev-client" vault.hashicorp.com/agent-inject-secret-database: "secret/lionsdev-client/database" vault.hashicorp.com/agent-inject-template-database: | {{- with secret "secret/lionsdev-client/database" -}} QUARKUS_DATASOURCE_USERNAME={{ .Data.data.username }} QUARKUS_DATASOURCE_PASSWORD={{ .Data.data.password }} {{- end }} type: Opaque data: # Database credentials (base64 encoded) # These will be injected by Vault in production # Default values for development/testing QUARKUS_DATASOURCE_USERNAME: bGlvbnNfdXNlcg== # lions_user QUARKUS_DATASOURCE_PASSWORD: TGlvbnNEZXYyMDI1IQ== # LionsDev2025! # SMTP Configuration for contact forms QUARKUS_MAILER_HOST: c210cC5nbWFpbC5jb20= # smtp.gmail.com QUARKUS_MAILER_PORT: NTg3 # 587 QUARKUS_MAILER_USERNAME: Y29udGFjdEBsaW9ucy5kZXY= # contact@lions.dev QUARKUS_MAILER_PASSWORD: "" # Will be injected by Vault # JWT Secret for session management JWT_SECRET: TGlvbnNEZXZKV1RTZWNyZXQyMDI1IUVudGVycHJpc2U= # LionsDevJWTSecret2025!Enterprise # API Keys for external services GOOGLE_ANALYTICS_ID: "" # Will be injected by Vault GOOGLE_MAPS_API_KEY: "" # Will be injected by Vault # Monitoring and observability PROMETHEUS_AUTH_TOKEN: "" # Will be injected by Vault GRAFANA_API_KEY: "" # Will be injected by Vault --- apiVersion: v1 kind: Secret metadata: name: lionsdev-client-tls namespace: lions-apps labels: app: lionsdev-client app.kubernetes.io/name: lionsdev-client app.kubernetes.io/part-of: lions-infrastructure app.kubernetes.io/managed-by: lionsctl annotations: cert-manager.io/issuer: "letsencrypt-prod" type: kubernetes.io/tls data: # TLS certificate and key will be automatically generated by cert-manager tls.crt: "" tls.key: ""