redaction (#1)

Add the redacted source file for demo purposes

Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1
Co-authored-by: Michael DiLeo <michael_dileo@proton.me>
Co-committed-by: Michael DiLeo <michael_dileo@proton.me>

.cursor/rules/sops-secret-template.yaml

@@ -0,0 +1,48 @@
+# SOPS Secret Template
+# Use this template for creating encrypted secrets
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: app-secret
+  namespace: app-namespace
+type: Opaque
+data:
+  # These fields will be encrypted by SOPS
+  # Replace with actual base64-encoded values before encryption
+  DATABASE_PASSWORD: <REPLACE_WITH_BASE64_ENCODED_PASSWORD>
+  S3_ACCESS_KEY: <REPLACE_WITH_BASE64_ENCODED_KEY>
+  S3_SECRET_KEY: <REPLACE_WITH_BASE64_ENCODED_SECRET>
+  REDIS_PASSWORD: <REPLACE_WITH_BASE64_ENCODED_PASSWORD>
+
+---
+# ConfigMap for non-sensitive configuration
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: app-config
+  namespace: app-namespace
+data:
+  # Database connection
+  DATABASE_HOST: "postgresql-shared-rw.postgresql-system.svc.cluster.local"
+  DATABASE_PORT: "5432"
+  DATABASE_NAME: "app_database"
+  
+  # Redis connection
+  REDIS_HOST: "redis-ha-haproxy.redis-system.svc.cluster.local"
+  REDIS_PORT: "6379"
+  
+  # S3 storage configuration
+  S3_BUCKET: "app-bucket"
+  S3_REGION: "<REPLACE_WITH_S3_REGION>"
+  S3_ENDPOINT: "<REPLACE_WITH_S3_ENDPOINT>"
+  S3_CDN_URL: "<REPLACE_WITH_CDN_URL>"
+  
+  # Application settings
+  APP_ENV: "production"
+  APP_DEBUG: "false"
+
+# SOPS encryption commands:
+# sops -e -i this-file.yaml
+# sops this-file.yaml  # to edit
+# sops -d this-file.yaml | kubectl apply -f -  # to apply