90cfac70a0
- Add EncryptionService (AES-256-GCM) with passthrough when no key set - Flyway V3: enable pgcrypto extension + widen name columns to TEXT - DatabaseFactory: init EncryptionService from BOLLWERK_DB_ENCRYPTION_KEY, run migrateEncryptData() to encrypt existing plaintext rows on startup - InventoryRepository: encrypt on write, decrypt on read for items.name, items.notes, categories.name, locations.name, settings.value - MessageRepository: encrypt body on write, decrypt on read - docker-compose.yml: document BOLLWERK_DB_ENCRYPTION_KEY env var - docker-compose-vps.yml: pass BOLLWERK_DB_ENCRYPTION_KEY from .env - .env.example: add key generation template - .gitignore: add .env to ignore list Closes #98
38 lines
401 B
Text
38 lines
401 B
Text
# Android / Gradle
|
|
*.iml
|
|
.gradle/
|
|
local.properties
|
|
.idea/
|
|
*.hprof
|
|
build/
|
|
captures/
|
|
.externalNativeBuild/
|
|
.cxx/
|
|
*.apk
|
|
*.aab
|
|
*.ap_
|
|
*.dex
|
|
|
|
# Kotlin
|
|
*.class
|
|
|
|
# OS
|
|
.DS_Store
|
|
Thumbs.db
|
|
desktop.ini
|
|
|
|
# VS Code
|
|
.vscode/settings.json
|
|
|
|
# Temp-Dateien (Screenshots, Logs etc.)
|
|
tmp/
|
|
|
|
# H2 Database files
|
|
server/data/
|
|
|
|
# Copilot memories (session-only)
|
|
memories/session/
|
|
|
|
# Environment secrets (never commit)
|
|
.env
|
|
|