k8s

03-backend-secret.yaml

@@ -0,0 +1,41 @@
+# Backend Secrets — plain text via stringData (k8s base64-encodes them automatically)
+#
+# BEFORE APPLYING:
+#   - Replace JWT_SECRET and JWT_REFRESH_SECRET with strong random strings
+#   - DATABASE_URL points to the in-cluster postgres service (do not change the hostname)
+#   - MONGODB_URI uses MongoDB Atlas (cloud) — taken directly from the env file
+#   - REDIS_URL points to the in-cluster redis service (do not change the hostname)
+#   - Update PAYTM_CALLBACK_URL with your actual backend Node IP and NodePort (30300)
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: backend-secret
+  namespace: ecommerce
+type: Opaque
+stringData:
+  # PostgreSQL — in-cluster service "postgres" on port 5432
+  DATABASE_URL: "postgresql://vaishnavi:admin@postgres:5432/vaishnavi_db?schema=public"
+
+  # MongoDB Atlas — cloud hosted, taken from env file
+  MONGODB_URI: "mongodb+srv://techintern_db_user:LiIb5oaof93wx0MY@cluster0.bnv4nae.mongodb.net/vaishnavi_products"
+
+  # Redis — in-cluster service "redis" on port 6379
+  REDIS_URL: "redis://redis:6379"
+
+  # JWT — replace these with strong secrets before deploying to production
+  JWT_SECRET: "your-super-secret-jwt-key-change-this-in-production"
+  JWT_REFRESH_SECRET: "your-refresh-token-secret"
+
+  # AWS S3 / MinIO — taken from env file
+  AWS_ACCESS_KEY_ID: "uA7WvT9fhydcozyz5alo"
+  AWS_SECRET_ACCESS_KEY: "AusEy6KKqanQQU3Zw3rXYBaiS5BM8aPoAKfpcbFr"
+
+  # Email (Gmail SMTP app password)
+  EMAIL_USER: "vaibhav.sahasrara@gmail.com"
+  EMAIL_PASS: "pezjcxfnegguzkuh"
+
+  # Paytm — update PAYTM_CALLBACK_URL with real node IP
+  PAYTM_MERCHANT_ID: "your_merchant_id"
+  PAYTM_MERCHANT_KEY: "abcd1234abcd1234"
+  PAYTM_CALLBACK_URL: "http://<NODE_IP>:30300/api/payments/paytm/callback"