blumilksoftware · Blusia · Sep 19, 2024 · Sep 19, 2024 · Sep 19, 2024 · Sep 23, 2024
@@ -20,3 +20,6 @@ DOCKER_DATABASE_HOST_PORT=53853
 DOCKER_REDIS_HOST_PORT=53852
 DOCKER_INSTALL_XDEBUG=true
 DOCKER_HOST_USER_ID=1000
+
+SOPS_AGE_BETA_SECRET_KEY=
+SOPS_AGE_PROD_SECRET_KEY=
@@ -1,23 +1,118 @@
-name: Deploy to production init
+name: Deploy to production Keating
 
 concurrency:
   group: deploy-prod
   cancel-in-progress: false
 
 on:
   workflow_dispatch:
+    inputs:
+      appName:
+        description: 'For whom app should be deployed?'
+        required: true
+        type: choice
+        options:
+          - krewak
+          - eskrzypacz
+          - kzygadlo
+          - kpiech
 
 jobs:
   deploy:
     environment: production
     runs-on: ubuntu-22.04
-    name: Deploy to production
+    name: Deploy to production - ${{ inputs.appName }}
     env:
-      DOCKER_REGISTRY: ghcr.io
-      DOCKER_REGISTRY_USER_NAME: blumilkbot
-      REPO_NAME: ${{ github.event.repository.name }}
-      REPO_OWNER: ${{ github.repository_owner }}
+      DOCKER_REGISTRY: registry.blumilk.pl
+      DOCKER_REGISTRY_USER_NAME: robot@blumilkbot-harbor
+      DOCKER_REGISTRY_PROJECT_NAME: internal-public
+      DOCKER_REGISTRY_REPO_NAME: keating
       TARGET_DIR_ON_SERVER: /blumilk/production
+      APP_NAME: ${{ inputs.appName }}
     steps:
+      - name: set branch name
+        run: echo "BRANCH_NAME=$GITHUB_REF_NAME" >> $GITHUB_ENV
+
       - name: checkout
         uses: actions/[email protected]
+        with:
+          fetch-depth: 0
+          ref: ${{ env.BRANCH_NAME }}
+
+      - name: sync with main branch
+        run: |
+          git config user.name "GitHub Actions Bot"
+          git config user.email "<>"
+          git merge --no-commit --no-ff origin/main
+
+      - name: set deployment project version
+        run: echo "DEPLOYMENT_PROJECT_VERSION=$(bash ./environment/prod/deployment/scripts/version.sh --long)" >> $GITHUB_ENV
+
+      - name: set up Docker Buildx
+        uses: docker/[email protected]
+
+      - name: login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.DOCKER_REGISTRY }}
+          username: ${{ env.DOCKER_REGISTRY_USER_NAME }}
+          password: ${{ secrets.BLUMILKBOT_HARBOR_TOKEN }}
+
+      - name: set docker image name
+        run: echo "DOCKER_IMAGE_NAME=${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REGISTRY_PROJECT_NAME }}/${{ env.DOCKER_REGISTRY_REPO_NAME }}" >> $GITHUB_ENV
+
+      - name: Docker meta
+        id: meta
+        uses: docker/[email protected]
+        with:
+          images: ${{ env.DOCKER_IMAGE_NAME }}
+          tags: |
+            type=raw,value=${{ env.APP_NAME }}
+          context: workflow
+
+      - name: build and push image
+        uses: docker/[email protected]
+        with:
+          context: .
+          file: ./environment/prod/app/Dockerfile
+          build-args: |
+            DEPLOYMENT_PROJECT_VERSION_ARG=${{ env.DEPLOYMENT_PROJECT_VERSION }}
+            APP_ID_ARG=${{ env.APP_NAME }}
+          push: true
+          labels: ${{ steps.meta.outputs.labels }}
+          tags: ${{ steps.meta.outputs.tags }}
+          cache-from: type=gha, ref=${{ env.DOCKER_IMAGE_NAME }}-prod-build-cache
+          cache-to: type=gha, ref=${{ env.DOCKER_IMAGE_NAME }}-prod-build-cache, mode=max
+
+      - name: copy files via ssh
+        uses: appleboy/[email protected]
+        with:
+          timeout: 10s
+          command_timeout: 10m
+          host: ${{ secrets.VPS_OVH_BF7EC892_HOST }}
+          port: ${{ secrets.VPS_OVH_BF7EC892_PORT }}
+          username: ${{ secrets.VPS_OVH_BF7EC892_USERNAME }}
+          key: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY }}
+          passphrase: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY_PASSPHRASE }}
+          source: "./environment/prod/deployment/prod/apps/${{ env.APP_NAME }}/*,./environment/prod/deployment/scripts/*, ./environment/prod/deployment/prod/Makefile, ./environment/prod/deployment/prod/docker-compose.prod.yml"
+          target: ${{ env.TARGET_DIR_ON_SERVER }}/${{ env.DOCKER_REGISTRY_REPO_NAME }}/${{ env.APP_NAME }}
+          rm: true
+
+      - uses: appleboy/[email protected]
+        with:
+          timeout: 10s
+          command_timeout: 10m
+          host: ${{ secrets.VPS_OVH_BF7EC892_HOST }}
+          port: ${{ secrets.VPS_OVH_BF7EC892_PORT }}
+          username: ${{ secrets.VPS_OVH_BF7EC892_USERNAME }}
+          key: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY }}
+          passphrase: ${{ secrets.VPS_OVH_BF7EC892_SSH_PRIVATE_KEY_PASSPHRASE }}
+          script_stop: true
+          script: |
+            cd ${{ env.TARGET_DIR_ON_SERVER }}/${{ env.DOCKER_REGISTRY_REPO_NAME }}/${{ env.APP_NAME }}/environment/prod/deployment/prod/
+            mv Makefile docker-compose.prod.yml apps/${{ env.APP_NAME }}/
+            cd apps/${{ env.APP_NAME }}
+            echo ${{ secrets.BLUMILKBOT_HARBOR_TOKEN }} | docker login ${{ env.DOCKER_REGISTRY }} --username ${{ env.DOCKER_REGISTRY_USER_NAME }} --password-stdin
+            make prod-deploy SOPS_AGE_KEY=${{ secrets.SOPS_AGE_PROD_SECRET_KEY }}
+            docker images --filter dangling=true | grep "${{ env.DOCKER_IMAGE_NAME }}" | awk '{print $3}'| xargs --no-run-if-empty docker rmi
+            docker logout ${{ env.DOCKER_REGISTRY }}
@@ -13,6 +13,7 @@
 .env
 .env.backup
 .env.beta.secrets.decrypted
+.env.prod.secrets.decrypted
 .phpunit.result.cache
 .php-cs-fixer.cache
 .appversion

@@ -4,3 +4,8 @@ creation_rules:
     path_regex: \.env\.beta\.secrets.*$
     age: >-
       age1vq7sw98g2xk9md2yg9f959k8xkaz8r32pds27jn3nsfcdue3757s0h7hd8
+
+  - name: prod
+    path_regex: \.env\.prod\.secrets.*$
+    age: >-
+      age1h8wnpa5lx2vgn2h64lgpeanuct8q2tvzxvn5xmvms7exmwvmu9zq5str5w
@@ -65,6 +65,30 @@ encrypt-beta-secrets:
 decrypt-beta-secrets:
 	@$(MAKE) decrypt-secrets SECRETS_ENV=beta AGE_SECRET_KEY=${SOPS_AGE_BETA_SECRET_KEY}
 
+encrypt-krewak-prod-secrets:
+	@$(MAKE) encrypt-secrets-prod SECRETS_ENV=krewak
+
+decrypt-krewak-prod-secrets:
+	@$(MAKE) decrypt-secrets-prod SECRETS_ENV=krewak AGE_SECRET_KEY=${SOPS_AGE_PROD_SECRET_KEY}
+
+encrypt-eskrzypacz-prod-secrets:
+	@$(MAKE) encrypt-secrets-prod SECRETS_ENV=eskrzypacz
+
+decrypt-eskrzypacz-prod-secrets:
+	@$(MAKE) decrypt-secrets-prod SECRETS_ENV=eskrzypacz AGE_SECRET_KEY=${SOPS_AGE_PROD_SECRET_KEY}
+
+encrypt-kzygadlo-prod-secrets:
+	@$(MAKE) encrypt-secrets-prod SECRETS_ENV=kzygadlo
+
+decrypt-kzygadlo-prod-secrets:
+	@$(MAKE) decrypt-secrets-prod SECRETS_ENV=kzygadlo AGE_SECRET_KEY=${SOPS_AGE_PROD_SECRET_KEY}
+
+encrypt-kpiech-prod-secrets:
+	@$(MAKE) encrypt-secrets-prod SECRETS_ENV=kpiech
+
+decrypt-kpiech-prod-secrets:
+	@$(MAKE) decrypt-secrets-prod SECRETS_ENV=kpiech AGE_SECRET_KEY=${SOPS_AGE_PROD_SECRET_KEY}
+
 decrypt-secrets:
 	@docker compose exec --user "${CURRENT_USER_ID}:${CURRENT_USER_GROUP_ID}" --env SOPS_AGE_KEY=${AGE_SECRET_KEY} ${DOCKER_COMPOSE_APP_CONTAINER} \
 		bash -c "echo 'Decrypting ${SECRETS_ENV} secrets' \
@@ -79,4 +103,18 @@ encrypt-secrets:
 			&& sops --encrypt --input-type=dotenv --output-type=dotenv --output .env.${SECRETS_ENV}.secrets .env.${SECRETS_ENV}.secrets.decrypted \
 			&& echo 'Done'"
 
+decrypt-secrets-prod:
+	@docker compose exec --user "${CURRENT_USER_ID}:${CURRENT_USER_GROUP_ID}" --env SOPS_AGE_KEY=${AGE_SECRET_KEY} ${DOCKER_COMPOSE_APP_CONTAINER} \
+		bash -c "echo 'Decrypting ${SECRETS_ENV} secrets' \
+			&& cd ./environment/prod/deployment/prod/apps/${SECRETS_ENV} \
+			&& sops --decrypt --input-type=dotenv --output-type=dotenv --output .env.prod.secrets.decrypted .env.prod.secrets \
+			&& echo 'Done'"
+
+encrypt-secrets-prod:
+	@docker compose exec --user "${CURRENT_USER_ID}:${CURRENT_USER_GROUP_ID}" ${DOCKER_COMPOSE_APP_CONTAINER} \
+		bash -c "echo 'Encrypting ${SECRETS_ENV} secrets' \
+			&& cd ./environment/prod/deployment/prod/apps/${SECRETS_ENV} \
+			&& sops --encrypt --input-type=dotenv --output-type=dotenv --output .env.prod.secrets .env.prod.secrets.decrypted \
+			&& echo 'Done'"
+
 .PHONY: init check-env-file build run stop restart shell shell-root test fix create-test-db queue encrypt-beta-secrets decrypt-beta-secrets
@@ -0,0 +1,41 @@
+export COMPOSE_DOCKER_CLI_BUILD = 1
+export DOCKER_BUILDKIT = 1
+
+MAKEFLAGS += --no-print-directory
+
+SHELL := /bin/bash
+
+CURRENT_USER_ID = $(shell id --user)
+CURRENT_USER_GROUP_ID = $(shell id --group)
+
+DOCKER_COMPOSE_FILENAME = docker-compose.prod.yml
+DOCKER_COMPOSE_APP_SERVICE = keating-prod-app
+
+DOCKER_EXEC_SCRIPT = docker compose --file ${DOCKER_COMPOSE_FILENAME} exec --workdir /application/environment/prod/deployment/scripts ${DOCKER_COMPOSE_APP_SERVICE} bash
+
+CURRENT_DIR = $(shell pwd)
+
+prod-deploy: decrypt-secrets create-deployment-file
+	@docker compose --file ${DOCKER_COMPOSE_FILENAME} pull && \
+	docker compose --file ${DOCKER_COMPOSE_FILENAME} up --detach && \
+	echo "App post deploy actions" && \
+        ${DOCKER_EXEC_SCRIPT} post-deploy-actions.sh
+
+SOPS_VERSION=3.8.1
+
+decrypt-secrets:
+	@wget --output-document ./sops "https://github.com/getsops/sops/releases/download/v${SOPS_VERSION}/sops-v${SOPS_VERSION}.linux.amd64" \
+    	&& chmod +x ./sops \
+    	&& mv .env.prod .env \
+    	&& echo "Decrypting secrets" \
+    	&& ./sops --decrypt --input-type=dotenv --output-type=dotenv .env.prod.secrets >> .env \
+    	&& echo "Done"
+
+DEPLOYMENT_DATETIME = $(shell TZ=Europe/Warsaw date --rfc-3339=seconds)
+
+create-deployment-file:
+	@echo "\
+	DEPLOY_DATE='${DEPLOYMENT_DATETIME}'\
+	" > .deployment
+
+.PHONY: prod-deploy decrypt-secrets create-deployment-file
@@ -0,0 +1,16 @@
+APP_NAME="ESkrzypacz Keating"
+ENVIRONMENT=prod
+APP_DEBUG=false
+
+COMPOSE_PROJECT_NAME=eskrzypacz
+TRAEFIK_ENABLED=true
+KEATING_HOST_NAME=
+APP_URL=https://${KEATING_HOST_NAME}/
+TRAEFIK_ROUTER_RULE=
+
+DB_DATABASE=eskrzypacz
+
+CACHE_DRIVER=redis
+QUEUE_CONNECTION=redis
+SESSION_DRIVER=redis
+MAIL_ENCRYPTION=tls
@@ -0,0 +1,10 @@
+APP_KEY=ENC[AES256_GCM,data:QPS4leL7OteykD3cNaCvneLZXsXPes5pPoKQYgPS+gungLGsR4BW6L+z52QzYgx4TLuk,iv:3Oj+TUJBXS+36+ZymItuM7cg1qbTwAp7HXUD1/PugHo=,tag:5iVfTAF0BaKhSAKCwnrn0g==,type:str]
+DB_ROOT_PASSWORD=ENC[AES256_GCM,data:4+A6SRUAbQ==,iv:tW3vo4XIFceYI3rHUBFusGacLGlCuGGmcTYrQMoiprM=,tag:tfRX6G/FI/pyqkyIlMQY9g==,type:str]
+DB_USERNAME=ENC[AES256_GCM,data:ATEhxeV2zv0u/g==,iv:Z85oBx1qWiYSSATiDGuTafNizJ7H1n2/+EUAMfgA1ag=,tag:Hhbv2R/LfhWhQE9a9Uaj0Q==,type:str]
+DB_PASSWORD=ENC[AES256_GCM,data:vTIS0pUIuUI=,iv:5veb3bzdLXhOIZXY3OnGOCVRI/HnSdvnjHgDOVARUD0=,tag:93MDvNip+0uIoWRKpeJBYw==,type:str]
+sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyV3B5MW00ZFJLN0pXM3FV\neTlhZWdRUFRLZUVlSUZlWjRZclViNnRKSHdFCmpraVZ4OWpJRWZ3L0hOTmc3dlA5\nenp6bVZZdUhOazh2NWR2b25CamFNb1UKLS0tIFZDK0VmR0pObjdiQisyYzE4NlQw\nZjFqSkNpRVVNQ1ZwTDQ5WVl1UW1iRG8KO7/dXeiMuEzO0wZhzDutMDApANYhQhXv\nRqs47V4esJVvXv4aCTzuZecK69r/7cDJr5Pi2CmEh6xO4oDug0l5Aw==\n-----END AGE ENCRYPTED FILE-----\n
+sops_age__list_0__map_recipient=age1h8wnpa5lx2vgn2h64lgpeanuct8q2tvzxvn5xmvms7exmwvmu9zq5str5w
+sops_lastmodified=2024-09-23T13:12:58Z
+sops_mac=ENC[AES256_GCM,data:VGugcNsO0MrU5fAdYRKESRbGlotswWSfmZMH/ia6RXdFvU5HN/o5Izzr9JyLqpC9Wv7k3hbV1+Sd6ZoEFkr+GE5r6u1eYajtO4v3p/VqeKNoAm375YFa9FwmMghV0auLyaEIZ6ho/hdnTFuTPd0GxqUmy6gwz0LIO3icH+RDBrI=,iv:4QPG1HsRaVOtcUBY9f3pU9aAJlgNsCYpB157t3t5Db4=,tag:crraDCmEQa+pseymh9ZTAg==,type:str]
+sops_unencrypted_suffix=_unencrypted
+sops_version=3.8.1
@@ -0,0 +1,16 @@
+APP_NAME="KPiech Keating"
+ENVIRONMENT=prod
+APP_DEBUG=false
+
+COMPOSE_PROJECT_NAME=kpiech
+TRAEFIK_ENABLED=true
+KEATING_HOST_NAME=
+APP_URL=https://${KEATING_HOST_NAME}/
+TRAEFIK_ROUTER_RULE=
+
+DB_DATABASE=kpiech
+
+CACHE_DRIVER=redis
+QUEUE_CONNECTION=redis
+SESSION_DRIVER=redis
+MAIL_ENCRYPTION=tls
@@ -0,0 +1,10 @@
+APP_KEY=ENC[AES256_GCM,data:N7j9fYRw14xsdaiKyhsj4iJ+CceFB71mBidqZsj55GImfFPKRthN7XawVqS5KHNSyFcv,iv:EulPttVMp7dO4J1XLpcFNks7T/LIbeW/KaaFp79ksO0=,tag:IspqoGd10C3F398qWGz+7Q==,type:str]
+DB_ROOT_PASSWORD=ENC[AES256_GCM,data:nlg2iFlmaQ==,iv:4EWH68joMBuct2LZzfCnAmCjTfMN59MwBEKRcE/zDnY=,tag:ZLTLNp4KUEjpuGqZeNuu6g==,type:str]
+DB_USERNAME=ENC[AES256_GCM,data:MTO1ZUId,iv:c+vWDPh5TOYRtD0EJFnj9nZS1ORhC3hXTeuzIj9A/jA=,tag:52KuTWEy/Ecmr8MsRtKyBA==,type:str]
+DB_PASSWORD=ENC[AES256_GCM,data:2oSfc41d5is=,iv:41XJ+3RgWDuOYLqByzPzVCYSztRYstF9DV8OvC5dwt8=,tag:zaQhWGqUGTnLsxfrSvIDqw==,type:str]
+sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwWlBCWGFYcWtzZ2xBT0xG\nUmoxMEc1TUdVUmF6eDB0UjBOaWprZy8vMXg4CmlmcTJqT3FoZ1AxaXpKSTA0b2pp\nYUFHRUFINkllSG9SMCthd0MwMU1PTzgKLS0tIEdrMno0Znp5d2lWNFJ6eGVyU0U3\ncjMvZm9SSHZQdDRWdXdnS1RLSm1JK2MKvuT4a1d6woeeagP7rSxZ792M8B9Jh8+x\ncUhIh2GdZyaugSzxCkUYwSwDXmpbXnjHPNf8IkdeWGFesvXfCD+UNA==\n-----END AGE ENCRYPTED FILE-----\n
+sops_age__list_0__map_recipient=age1h8wnpa5lx2vgn2h64lgpeanuct8q2tvzxvn5xmvms7exmwvmu9zq5str5w
+sops_lastmodified=2024-09-23T13:14:14Z
+sops_mac=ENC[AES256_GCM,data:dAS6B6h4n6q9XV/cojNOTEt27clYWr4XFBV4YneQovOoQsyiCVCbKArVC5L9UBtXOgwmZCKYFzZUSovkug0QOhI4yB+XmUUwxf2gqVS+6B+vOhel6rH/b8yzvpVYX6kpKXOK5luneVXNXV30li2oB1Y06oszp0ySn0amNpbSTzc=,iv:fFel+qZkfnjvueDHCQs982MSrLJDZ3KIxi2IbxfoK1Y=,tag:oiu3h8+0fSpCv/VgZW3inw==,type:str]
+sops_unencrypted_suffix=_unencrypted
+sops_version=3.8.1
@@ -0,0 +1,16 @@
+APP_NAME="KRewak Keating"
+ENVIRONMENT=prod
+APP_DEBUG=false
+
+COMPOSE_PROJECT_NAME=krewak
+TRAEFIK_ENABLED=true
+KEATING_HOST_NAME=
+APP_URL=https://${KEATING_HOST_NAME}/
+TRAEFIK_ROUTER_RULE=
+
+DB_DATABASE=krewak
+
+CACHE_DRIVER=redis
+QUEUE_CONNECTION=redis
+SESSION_DRIVER=redis
+MAIL_ENCRYPTION=tls
@@ -0,0 +1,10 @@
+APP_KEY=ENC[AES256_GCM,data:kmZ+oKJRGr7DjE7U57D5T38nbGqAx4Atf4Vr/gpkDWXxBWsdQEJXMOJpM/qcSlxSrNG1,iv:cjTDKtWD6pRChsh2XmnaS+N53aLQlOyqFqTi5OC2v7Q=,tag://cN7czWtzQUlGs0j706SQ==,type:str]
+DB_ROOT_PASSWORD=ENC[AES256_GCM,data:uMWjSidmUw==,iv:8+b0JZoDKC5YTjamWd9KJ0Bbd6aRHY8De0n6MvymqJM=,tag:M08ufjFZHZ36+WH8gO5lpA==,type:str]
+DB_USERNAME=ENC[AES256_GCM,data:5i4eEFV0,iv:Zs1qef74U1aMzJs/cxL/siXuM2EqzkNtiT3VJJlK8Og=,tag:9pNvN2yF5Qeh3vmNfkk5mw==,type:str]
+DB_PASSWORD=ENC[AES256_GCM,data:MHRxtiQ0kvc=,iv:n/uSXsLIn/bDs64E0hjAT+KIeo8aGBjLTqaL7L+8QM0=,tag:/TYPhwgEI4sElBBD7Es2bQ==,type:str]
+sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuY0pYdWR2dVQ1VzYwMmZu\nbm11Z3JPYWdodXc1bEFVRlZlZnpXakFsc0J3CnE0M1NRUnBBUnhVaS9PK3lZbENw\naDVGVHBQZUxSOWNOc1c2Z1NJWHhZdXMKLS0tIHRKa05kY3JtVWZYcDN0ZTFmN1gv\nV210QlFGcm9XeUZVSkxRd256M1ZTR1kKXBeY+Q6QRQBboAirXsjOgvSHU01CIQua\n9jQm885sfFtqMooGpPzZ6+AjlboniicQf9EkCHTKz9ZFUFg0eOOn9Q==\n-----END AGE ENCRYPTED FILE-----\n
+sops_age__list_0__map_recipient=age1h8wnpa5lx2vgn2h64lgpeanuct8q2tvzxvn5xmvms7exmwvmu9zq5str5w
+sops_lastmodified=2024-09-23T13:15:14Z
+sops_mac=ENC[AES256_GCM,data:aSzdUup4Iv/FyqYuNXSAYj1E/3SB6Wi6vq4za/WufhG10tsH9M7JvNW45XQioss/cg/Bc/GAHXo+1t294Gz3wVMcUXIxQIQoCn0cn51LrDl5yTLqyEPK2PiRAS9PMVRjsHPrOAD6QqtSulSgP9jfbgnL8H58pckcALr5KeDiV9U=,iv:qCx44thyEAZS5Q4/7cqPlrdGZ0iBAiQBfhisPh9ND+Y=,tag:GYZL9vsEAB39s0f12AZFiQ==,type:str]
+sops_unencrypted_suffix=_unencrypted
+sops_version=3.8.1
@@ -0,0 +1,17 @@
+APP_NAME="KZygadlo Keating"
+ENVIRONMENT=prod
+APP_DEBUG=false
+
+COMPOSE_PROJECT_NAME=kzygadlo
+TRAEFIK_ENABLED=true
+KEATING_HOST_NAME=
+APP_URL=https://${KEATING_HOST_NAME}/
+TRAEFIK_ROUTER_RULE=
+
+DB_DATABASE=kzygadlo
+
+CACHE_DRIVER=redis
+QUEUE_CONNECTION=redis
+SESSION_DRIVER=redis
+MAIL_ENCRYPTION=tls
+
@@ -0,0 +1,10 @@
+APP_KEY=ENC[AES256_GCM,data:wPPiHEOBTRg6Lalc9sYRElpmsV9tl8wcCybD6gEOb5357hFdCnD2boDaZj/affqAwJql,iv:01ThHZDQGxIrj6K8bfrpPzDUeqjnljT+nT7gmBleExM=,tag:5LgQr1hiCKv3q6f1RFrN9Q==,type:str]
+DB_ROOT_PASSWORD=ENC[AES256_GCM,data:AQreoFN8hQ==,iv:UC5Q6XZn7eQvh62FfOVvu/+nWAAtYcLbTQ4O6JC46ZU=,tag:S+CRRLiwxCOwWe0jsNIgqA==,type:str]
+DB_USERNAME=ENC[AES256_GCM,data:7zolMUIb/xA=,iv:69TiNMz09Bp3RYJ4u9WjUHB4MZTSyE9XvfkdvhbHnXw=,tag:cvtu33KOuNNZJutCQ/l+fg==,type:str]
+DB_PASSWORD=ENC[AES256_GCM,data:8QkcJvj/uz8=,iv:G6iYWUIDht7MmIeE95velfMpMKAY8wyV49YibGvtiJM=,tag:4Gfe3BmL9wRAWhi82nmtJg==,type:str]
+sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVOGZlb09nVWZGcG9QVU0y\nTGFldWlYNnlxWW1yUHd6L0JGb3hlRmIwV0FnCnNNNDF4SHNBVXoxL0dGUHhZVGZx\nbUxxYmFEUGI0N3ppai80Z2pKK3JHaTQKLS0tIGlJalAwWFZTQWVzSGo5cGhMbm5n\nZHpVdjdTS1VaM0JXQlRsNFNET3BCUVUKSj09NgxtI6hlJTZbo8Dj5OCvgJ5YpLk+\nHfRQ+AZ1OKiPlokjWu0nYa9stDO8H56PBSSLOAhKJNKuXoBQrV08sA==\n-----END AGE ENCRYPTED FILE-----\n
+sops_age__list_0__map_recipient=age1h8wnpa5lx2vgn2h64lgpeanuct8q2tvzxvn5xmvms7exmwvmu9zq5str5w
+sops_lastmodified=2024-09-23T13:15:21Z
+sops_mac=ENC[AES256_GCM,data:d1+1I+YjzQblT7xFrjJc8zPX9cvhm1K9FOhoohbh/wb/VwZArKh0QU9unQKeHeW1cBTZ9NKLLAfFhPYUP1CPO7IpKeKlcd7pHToixvdLAp4r5PD+mTMKS1uw8nSAmyuuA2Nr0a/C1/YtYVAo9qDvEfnBCN1zZQnABO1rUKnm+1E=,iv:e1yS1vd4fMa+bWazNIaFsW/iMnFLjagL4BWbALl9Nxc=,tag:yAKBkfgWKljduFVyV/fruA==,type:str]
+sops_unencrypted_suffix=_unencrypted
+sops_version=3.8.1