From f32e849632b0a5c4af883d6953d3c18148884eb4 Mon Sep 17 00:00:00 2001 From: Ahmed Darrazi Date: Mon, 15 Dec 2025 13:55:53 +0100 Subject: [PATCH] docs(spec): add deploy key example to deployment-credentials and prepare tasks --- .../checklists/deployment-credentials.md | 13 +++++++++++++ specs/001-add-dokploy-deploy/tasks.md | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/specs/001-add-dokploy-deploy/checklists/deployment-credentials.md b/specs/001-add-dokploy-deploy/checklists/deployment-credentials.md index d8c7f49f..ac8971e6 100644 --- a/specs/001-add-dokploy-deploy/checklists/deployment-credentials.md +++ b/specs/001-add-dokploy-deploy/checklists/deployment-credentials.md @@ -12,3 +12,16 @@ Security notes: - Use least-privilege tokens (read-only where possible). - Rotate keys periodically and document rotation steps in the runbook. - Do not commit secrets into repository files; store them only in Dokploy secrets or an external vault. + +Example: adding the provided deploy SSH public key + +1. Create a new secret named `REPO_DEPLOY_KEY` (type: ssh key) in the Dokploy project secrets. +2. Paste the following public key as the value for `REPO_DEPLOY_KEY` (label recommended: `dokploy`): + +``` +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCWNMhk+l4wY22aanXLRv0ATXwq3qwmePprMpTHxjUHakEfmefLlD0EGmSFJpMX+/owKyfyo6gJBRGtmUJtJPMIOgxb9GRhrs7vXHYhjw/RhTAfo45CGrnuqbDBp4OmDqe2Cdm7801UxzuJEbP+5Vtehg2uumKKWzWodTzMP7RjSAXEZHOh8+NhoK5LtMJzKHqw/lm0+q1evfL9LQ2POJBxgWdYYa/A7P3ZCGY4XjjdwB2Gh6hRKyy+ZQsuUximCQEAPCmRnKI0FyLXqLvlXCvyFUyKctlLvazQ7YgWLIVrVee14pQq/rr0lvagf3ODcJJF+dnWOjpPC6YzpPJV20/a2sHlr24dr50E1aNoh9OZVTayTcY7PBWkju3MaQXK3xL7OxnLs/c/juwu/6TOsqCjaUJXJcIDsniwjq2htaAqiweNfGZYp0gcE7D/O4cQShE/BMtxa2dLggcRUBA9UJptXkPS/fE2unjhxlH/c3PJqpFbSDh8WuCVVGa67ezd2FpqOd1zFbdf1tuUjEerwQvOwTGT4x1AuFiciYTd85sTWejR7CQ7IRR+Zms9QHvhYifAc3N2NP4rNh64o0nXUgON66uFrABEdHGGXIyrRJw6KTNJFrrgENEeeb0Q42fuPkMe9a8DFmqNxWzVcIEnRSsCnOM5rTJnLQzMoBjuyVp4Sw== dokploy +``` + +3. Ensure the Dokploy project configuration references `REPO_DEPLOY_KEY` for repository clone operations and Git LFS access. + +4. Optionally, add a short note in the project config: "This key is used by Dokploy to clone the `ahmido/lms` repo and fetch LFS objects." diff --git a/specs/001-add-dokploy-deploy/tasks.md b/specs/001-add-dokploy-deploy/tasks.md index 6b7fc3e0..bb24c6ef 100644 --- a/specs/001-add-dokploy-deploy/tasks.md +++ b/specs/001-add-dokploy-deploy/tasks.md @@ -62,7 +62,7 @@ description: "Task list for feature 001-add-dokploy-deploy" ## Phase N: Polish & Cross-Cutting Concerns - [ ] T017 [P] Update repository `README.md` with a "Deployment" section linking to `specs/001-add-dokploy-deploy/quickstart.md` (file: README.md) -- [ ] T018 Commit and push branch `001-add-dokploy-deploy` including `spec.md`, `tasks.md`, and all created docs/scripts (file: N/A - repo action) + - [ ] T018 Commit and push branch `001-add-dokploy-deploy` including `spec.md`, `tasks.md`, and all created docs/scripts (file: N/A - repo action) ---