first commit

.env.gpg

@@ -0,0 +1 @@
+Њ
	‡-о)y—ЙюТg
Б‡UlзHВЯљs(*}јД	ТПµ9H©t
RФwCЯРKї5МхЅpяіФH4§0ЙЗО‰iVБ {?Ч3& ¦jу|с(&L2ЛџХ<D19F>аµцP„¶T:I2hя·q{ в›

.gitea/workflows/decrypt_secrets.yml

@@ -0,0 +1,18 @@
+name: Decrypt Secrets
+run-name: Workflow for decrypting secrets
+on: [ push ]
+
+jobs:
+  DecryptSecrets:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Decrypt secrets
+        run: ./decrypt_secret.sh
+        env:
+          SECRET_PASSPHRASE: ${{ secrets.SECRET_PASSPHRASE }}
+      # This command is just an example to show your secret being printed
+      # Ensure you remove any print statements of your secrets. GitHub does
+      # not hide secrets that use this workaround.
+      - name: Test printing your secret (Remove this step in production)
+        run: cat ./.env

.gitignore

@@ -0,0 +1,2 @@
+.env
+.idea/

decrypt_secrets.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+# --batch to prevent interactive command
+# --yes to assume "yes" for questions
+gpg --quiet --batch --yes --decrypt --passphrase="$SECRET_PASSPHRASE" \
+--output ./.env ./.env.gpg