38 lines
997 B
Markdown
# Security Policy
This repository is public. Treat it as documentation and reproducible operations code, not as a secret store.
## Never commit
- Real `.env` files
- Gitea `app.ini` secrets
- Database passwords
- SMTP credentials
- OAuth secrets
- SSH private keys
- API tokens
- Gitea dump archives
- PostgreSQL dump files
- TLS private keys
- Full production logs containing sensitive data
## Safe to commit
- `.env.example` with placeholders
- Docker Compose templates with variable references
- Nginx templates without private keys
- Runbooks
- Scripts that read secrets from the environment
- Architecture records
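As an added example (not part of this repository's own tooling), a pre-commit hook that enforces the two lists above: it refuses staged paths that look like real `.env` files, `app.ini`, private keys, SSH keys, dump archives or logs, lets `.env.example`-style placeholders through, and scans staged content for a private-key block. The file-name patterns are assumptions drawn from the lists and should be adjusted to the repository layout.

```shell
#!/bin/sh
# Added example: pre-commit guard for the never-commit / safe-to-commit policy.
# Install by copying to .git/hooks/pre-commit and passing --hook.
# The patterns below are assumptions based on the policy list, not project code.

# Return 0 (forbidden) if the path matches the never-commit list, 1 if allowed.
is_forbidden_path() {
  base="${1##*/}"
  case "$base" in
    .env.example|*.example|*.template) return 1 ;;       # placeholders are safe
    .env|.env.*) return 0 ;;                              # real env files
    app.ini) return 0 ;;                                  # Gitea config with secrets
    *.pem|*.key|*.p12|*.pfx) return 0 ;;                  # TLS / private keys
    id_rsa|id_ed25519|id_ecdsa|id_dsa) return 0 ;;        # SSH private keys
    *.dump|*.sql|*.sql.gz|gitea-dump-*.zip) return 0 ;;   # DB and Gitea dumps
    *.log) return 0 ;;                                    # assumed: production logs
  esac
  return 1
}

# Return 0 if the given content carries a PEM private-key header, 1 otherwise.
has_private_key_marker() {
  printf '%s\n' "$1" | grep -Eq -- '-----BEGIN [A-Z ]*PRIVATE KEY-----'
}

# Inspect every added/modified staged file; non-zero exit aborts the commit.
check_staged() {
  rc=0
  for f in $(git diff --cached --name-only --diff-filter=ACMR); do
    if is_forbidden_path "$f"; then
      echo "blocked: $f matches the never-commit policy" >&2; rc=1
    elif has_private_key_marker "$(git show ":$f" 2>/dev/null)"; then
      echo "blocked: $f contains a private key block" >&2; rc=1
    fi
  done
  return $rc
}

# Only touch the index when run as a hook, so the functions can be sourced/tested.
if [ "${1:-}" = "--hook" ]; then
  check_staged
fi
```

A path check alone does not catch a password pasted into a Compose file, so keep secrets in the environment and let the templates reference `${VAR}` as the list above prescribes.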
## If a secret is committed
1. Rotate the secret immediately.
2. Remove it from current files.
3. Rewrite public Git history only if the exposure is severe and worth the operational risk.
4. Assume the secret was copied by someone else.
## Operational rule
For production maintenance, create backups before upgrades and verify both web and SSH Git paths after changes.