# ==============================================================================
# Kestra Demo – Umgebungsvariablen
# Kopieren:
#   cp .env.example .env
# Danach Werte in .env eintragen.
# ==============================================================================


# ------------------------------------------------------------------------------
# Hetzner Cloud
# ------------------------------------------------------------------------------
# API-Token:
# https://console.hetzner.cloud/ -> Projekt -> Sicherheit -> API-Tokens

HCLOUD_TOKEN=changeme_hcloud_token

# Name eines bereits in Hetzner hinterlegten SSH-Keys
SSH_KEY_NAME=changeme_ssh_key_name


# ------------------------------------------------------------------------------
# Terraform Variablen
# ------------------------------------------------------------------------------
# Terraform liest automatisch alle Variablen mit Prefix TF_VAR_

TF_VAR_hcloud_token=changeme_hcloud_token
TF_VAR_ssh_key_name=changeme_ssh_key_name


# ------------------------------------------------------------------------------
# Hetzner Object Storage / S3 Backend für Terraform State
# ------------------------------------------------------------------------------
# Zugangsdaten:
# https://console.hetzner.cloud/ -> Object Storage -> Zugangsdaten

AWS_ACCESS_KEY_ID=changeme_s3_access_key_id
AWS_SECRET_ACCESS_KEY=changeme_s3_secret_access_key
AWS_DEFAULT_REGION=eu-central

# Bucket-Name muss vorher angelegt sein
TF_BACKEND_BUCKET=changeme_bucket_name

# Beispiel Hetzner Object Storage Endpoint
TF_BACKEND_ENDPOINT=https://nbg1.your-objectstorage.com


# ------------------------------------------------------------------------------
# OpenAI
# ------------------------------------------------------------------------------
# API-Key:
# https://platform.openai.com/api-keys

OPENAI_API_KEY=changeme_openai_api_key


# ------------------------------------------------------------------------------
# SMTP
# ------------------------------------------------------------------------------

SMTP_USERNAME=changeme_smtp_username
SMTP_PASSWORD=changeme_smtp_password


# ------------------------------------------------------------------------------
# Git / Forgejo
# ------------------------------------------------------------------------------
# Nur nötig, wenn Kestra private Repositories klonen soll.

GIT_USERNAME=changeme_git_username
GIT_TOKEN=changeme_git_token


# ==============================================================================
# Kestra OSS Secrets
# ==============================================================================
# WICHTIG:
# SECRET_* Werte müssen bei Kestra OSS base64-codiert sein.
#
# Beispiel Linux:
#   echo -n "mein-geheimer-wert" | base64 -w 0
#
# Beispiel macOS:
#   echo -n "mein-geheimer-wert" | base64
#
# SSH Private Key:
#   base64 -w 0 ~/.ssh/id_ed25519
# ==============================================================================


# ------------------------------------------------------------------------------
# Hetzner Cloud als Kestra Secret
# ------------------------------------------------------------------------------
SECRET_HCLOUD_TOKEN=base64_encoded_hcloud_token


# ------------------------------------------------------------------------------
# Hetzner SSH-Key-Name als Kestra Secret
# ------------------------------------------------------------------------------
SECRET_SSH_KEY_NAME=base64_encoded_ssh_key_name


# ------------------------------------------------------------------------------
# SSH Private Key für Remote-Zugriffe per Kestra
# Wird z. B. verwendet durch:
#   {{ secret('SSH_PRIVATE_KEY') }}
# ------------------------------------------------------------------------------
SECRET_SSH_PRIVATE_KEY=base64_encoded_private_ssh_key


# ------------------------------------------------------------------------------
# S3 / Object Storage Secrets
# ------------------------------------------------------------------------------
SECRET_AWS_ACCESS_KEY_ID=base64_encoded_s3_access_key_id
SECRET_AWS_SECRET_ACCESS_KEY=base64_encoded_s3_secret_access_key
SECRET_TF_BACKEND_BUCKET=base64_encoded_backend_bucket
SECRET_TF_BACKEND_ENDPOINT=base64_encoded_backend_endpoint


# ------------------------------------------------------------------------------
# OpenAI als Kestra Secret
# ------------------------------------------------------------------------------
SECRET_OPENAI_API_KEY=base64_encoded_openai_api_key


# ------------------------------------------------------------------------------
# SMTP als Kestra Secret
# ------------------------------------------------------------------------------
SECRET_SMTP_USERNAME=base64_encoded_smtp_username
SECRET_SMTP_PASSWORD=base64_encoded_smtp_password


# ------------------------------------------------------------------------------
# Git / Forgejo als Kestra Secret
# ------------------------------------------------------------------------------
SECRET_GIT_USERNAME=base64_encoded_git_username
SECRET_GIT_TOKEN=base64_encoded_git_token