# Example secrets file for ops-jrz1 Matrix platform
# Copy this file to secrets.yaml and replace with your actual secrets
# Then encrypt with: sops -e -i secrets/secrets.yaml

# Matrix homeserver configuration
matrix-registration-token: "GENERATE_WITH_openssl_rand_hex_32"

# ACME/Let's Encrypt email for certificate notifications
acme-email: "admin@example.com"

# mautrix-slack bridge secrets
mautrix-slack:
  app-token: "xapp-YOUR-SLACK-APP-TOKEN"
  bot-token: "xoxb-YOUR-SLACK-BOT-TOKEN"

# mautrix-whatsapp bridge secrets (no long-term secrets, QR code pairing)
# Configuration is stored in bridge database after pairing

# mautrix-gmessages bridge secrets
mautrix-gmessages:
  # Google Messages pairing data stored in bridge database
  google-account-token: "GENERATED_AFTER_PAIRING"

# Fail2ban notification email (optional)
fail2ban-notification-email: "admin@example.com"

# PostgreSQL database passwords
postgresql:
  mautrix-slack-password: "GENERATE_SECURE_PASSWORD"
  mautrix-whatsapp-password: "GENERATE_SECURE_PASSWORD"
  mautrix-gmessages-password: "GENERATE_SECURE_PASSWORD"