# Docker Secrets Mapping
# Maps environment variables to Docker secrets

secrets_mapping:
  postgresql:
    POSTGRES_PASSWORD: pg_root_password
    POSTGRES_DB_PASSWORD: pg_root_password
    
  mariadb:
    MYSQL_ROOT_PASSWORD: mariadb_root_password
    MARIADB_ROOT_PASSWORD: mariadb_root_password
    
  redis:
    REDIS_PASSWORD: redis_password
    
  nextcloud:
    MYSQL_PASSWORD: nextcloud_db_password
    NEXTCLOUD_ADMIN_PASSWORD: nextcloud_admin_password
    
  immich:
    DB_PASSWORD: immich_db_password
    
  paperless:
    PAPERLESS_SECRET_KEY: paperless_secret_key
    
  vaultwarden:
    ADMIN_TOKEN: vaultwarden_admin_token
    
  homeassistant:
    SUPERVISOR_TOKEN: ha_api_token
    
  grafana:
    GF_SECURITY_ADMIN_PASSWORD: grafana_admin_password
    
  jellyfin:
    JELLYFIN_API_KEY: jellyfin_api_key
    
  gitea:
    GITEA__security__SECRET_KEY: gitea_secret_key

# File secrets (certificates, keys)
file_secrets:
  tls_certificate: /run/secrets/tls_certificate
  tls_private_key: /run/secrets/tls_private_key