From 7cc69e1e34a46c019650f3b7e20e7a033fb8b81a Mon Sep 17 00:00:00 2001
From: DerGrumpf <p.keier@beyerstedt-it.de>
Date: Wed, 8 Apr 2026 09:50:31 +0200
Subject: [PATCH] Updated GitIgnore, Explicit allow rules for secrets

---
 .gitignore | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/.gitignore b/.gitignore
index 6bcdec6..cbd5a89 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,12 +2,17 @@
 result
 result-*
 
-# sops age keys (never commit private keys)
-*.age
-keys.txt
-!keys.txt.age
+# Ignore everything in the secrets directory
+secrets/*
 
-# Explicitly (dis)allow specific keys/secrets
+# Explicitly allow ONLY these files
+!secrets/secrets.yaml
+!secrets/keys.txt.age
+!secrets/ssh-github
+!secrets/ssh-key
+
+# Explicitly block the plain text keys (even if the rule above changes)
+secrets/keys.txt
 secrets/ssh-private
 
 # macOS