ghndrx/k8s-game-2048
1
0
Fork 0
mirror of https://github.com/ghndrx/k8s-game-2048.git synced 2026-02-10 06:45:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
develop
k8s-game-2048/docs/ENVIRONMENT.md
Greg d582108b16 🔒 Add environment-based configuration system 
- Add .env.example template with all configurable values
- Create comprehensive .gitignore for personal data
- Add sanitization script to remove hardcoded personal info
- Add environment-aware deployment scripts
- Add ENVIRONMENT.md documentation
- Keep personal information in .env (gitignored)

This makes the repository safe for public sharing while keeping personal domains, emails, and secrets secure.
2025-07-01 10:09:14 -07:00

3.0 KiB
Raw Permalink Blame History

Environment Configuration

This repository uses environment variables to keep personal information (domains, emails, repository names) out of the public codebase.

Quick Setup

  1. Copy the environment template:

    cp .env.example .env

  2. Edit .env with your information:

    nano .env

  3. Update these key values:

    • BASE_DOMAIN - Your domain (e.g., example.com)
    • GITHUB_REPOSITORY - Your GitHub repo (e.g., username/k8s-game-2048)
    • CERT_EMAIL - Your email for SSL certificates
    • WEBHOOK_SECRET - Generate with: openssl rand -hex 32

Environment Variables

Required Variables

Variable Description Example
BASE_DOMAIN Your base domain example.com
WEBHOOK_DOMAIN Webhook endpoint domain webhook.example.com
GITHUB_REPOSITORY Your GitHub repository username/k8s-game-2048
CERT_EMAIL Email for SSL certificates admin@example.com
WEBHOOK_SECRET Secret for webhook security Generated 64-char hex

Auto-generated Domains

The following domains are automatically generated from BASE_DOMAIN:

  • Development: 2048-dev.{BASE_DOMAIN}
  • Staging: 2048-staging.{BASE_DOMAIN}
  • Production: 2048.{BASE_DOMAIN}

Canonical Knative Domains

  • Dev: game-2048-dev.game-2048-dev.dev.{BASE_DOMAIN}
  • Staging: game-2048-staging.game-2048-staging.staging.{BASE_DOMAIN}
  • Production: game-2048-prod.game-2048-prod.{BASE_DOMAIN}

Security

  • Never commit .env - It's in .gitignore for security
  • Use strong webhook secrets - Generate with openssl rand -hex 32
  • Rotate secrets regularly - Update webhook secret periodically

Deployment Scripts

Setup Webhook Handler

./scripts/setup-webhook-deployment.sh

Prepare Environment-Specific Manifests

./scripts/prepare-deployment.sh

Sanitize Repository (for public sharing)

./scripts/sanitize-repo.sh

GitHub Secrets

After setting up your .env, configure these GitHub repository secrets:

  1. Go to your repository Settings → Secrets and variables → Actions
  2. Add these secrets from your .env file:
WEBHOOK_SECRET=<from .env>
DEV_WEBHOOK_URL=https://<WEBHOOK_DOMAIN>/webhook/deploy
STAGING_WEBHOOK_URL=https://<WEBHOOK_DOMAIN>/webhook/deploy
PROD_WEBHOOK_URL=https://<WEBHOOK_DOMAIN>/webhook/deploy
KNATIVE_DOMAIN=<BASE_DOMAIN>

Template System

The repository uses a template system to keep personal information secure:

  • manifests/templates/ - Sanitized templates with placeholders
  • manifests/ - Your actual deployment manifests (gitignored)
  • .env.example - Template for environment configuration

Development Workflow

  1. Clone repository
  2. Copy .env.example to .env
  3. Update .env with your configuration
  4. Run ./scripts/prepare-deployment.sh
  5. Deploy with ./scripts/setup-webhook-deployment.sh

This ensures your personal information stays private while keeping the codebase shareable.

Reference in New Issue View Git Blame Copy Permalink