From 02878439afe38baa6a4a12b95e446b2bcbe6b48f Mon Sep 17 00:00:00 2001
From: Ender <enderyildirim@outlook.com>
Date: Mon, 27 Oct 2025 21:31:16 +0100
Subject: [PATCH] chore: remove sensitive credentials and improve env file
 security

- Removed .env file containing sensitive API keys and passwords from version control
- Updated .gitignore to exclude all .env files except .env.example across all apps
- Added protection for environment files in subdirectories with apps/**/.env pattern
- Ensures credentials and secrets are kept out of repository while preserving example templates
---
 .env       | 24 ------------------------
 .gitignore |  6 ++++++
 2 files changed, 6 insertions(+), 24 deletions(-)
 delete mode 100644 .env

diff --git a/.env b/.env
deleted file mode 100644
index d14b826..0000000
--- a/.env
+++ /dev/null
@@ -1,24 +0,0 @@
-# Database
-MYSQL_ROOT_PASSWORD=voxblogRootPass123!
-MYSQL_PASSWORD=voxblogAppPass123!
-DB_HOST=mysql
-DB_PORT=3306
-DB_USER=voxblog
-DB_PASSWORD=voxblogAppPass123!
-DB_NAME=voxblog
-
-# Application
-ADMIN_PASSWORD=P!JfChRiaA2Gdnm6iIo8
-OPENAI_API_KEY=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
-GHOST_ADMIN_API_KEY=c61e51d43cc983d5e0955ef4:d510e6fc875d8179f2d4d425ab8cd1ac39e96165e4af90bab4173427063cad54
-GHOST_ADMIN_API_URL=https://pusula.blog/ghost
-
-# S3 Storage
-S3_BUCKET=voxblog
-S3_REGION=us-east-1
-S3_ACCESS_KEY=minio-689791bae30a0b59e76d59eb
-S3_SECRET_KEY=dcb9f584e325977285f04c17c64e62c73bd0726e1469b2a2
-S3_ENDPOINT=https://s3.pusula.blog
-
-# Frontend (for production deployment)
-VITE_API_URL=https://admin.pusula.blog/api
diff --git a/.gitignore b/.gitignore
index 923f2f2..df2aa4c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,12 @@ node_modules/
 
 # Env & secrets
 .env.local
+.env
+.env.*
+!.env.example
+apps/**/.env
+apps/**/.env.*
+!apps/**/.env.example
 
 # Logs
 npm-debug.log*