# 注意：此文件仅作为模板，实际部署时需要手动创建 Secret 或使用外部密钥管理
# kubectl create secret generic seclusion-secret -n seclusion \
#   --from-literal=DATABASE_URL='postgresql://...' \
#   --from-literal=REDIS_URL='redis://...' \
#   --from-literal=JWT_SECRET='your-jwt-secret' \
#   --from-literal=ENCRYPTION_KEY='your-encryption-key'

apiVersion: v1
kind: Secret
metadata:
  name: seclusion-secret
  namespace: seclusion
type: Opaque
stringData:
  # 数据库连接
  DATABASE_URL: "postgresql://user:password@postgres:5432/seclusion"
  REDIS_URL: "redis://redis:6379"

  # JWT 配置
  JWT_SECRET: "change-me-in-production"
  JWT_EXPIRES_IN: "7d"
  JWT_REFRESH_SECRET: "change-me-in-production-refresh"
  JWT_REFRESH_EXPIRES_IN: "30d"

  # 加密密钥（如启用加密）
  ENCRYPTION_KEY: ""
  NEXT_PUBLIC_ENCRYPTION_KEY: ""