#110 Init Secrets.md

Update DDClient readme for new hostname

docs/Secrets.md

@@ -0,0 +1,15 @@
+# Secrets
+Our repository contains as many configuration details as reasonable. But we must secure our secrets: passwords, API keys, encryption seeds, etc..  
+
+## Docker Env Vars
+1. We store our Docker env vars in a file named after the service. For example `keycloak.env`. 
+2. We separate our secrets from non-secret env vars by placing them in a file with a similar name, but with `_secrets` appended to the service name. For example `keycloak_secrets.env`. These files exist only on the host for which they are necessary, and must be created manually on the host. 
+3. Our repository `.gitignore` excludes all files matching `*.secret`, and `*_secrets.env`. 
+
+Note: This makes secrets very fragile. Accidental deletion or other data loss can destroy the secret permanently.
+
+## Generating Secrets
+We use the password manager's generator to create secrets with the desired parameters, preferring the following parameters:
+    - 64 characters
+    - Capital letters, lowercase letters, numbers, and standard symbols (`^*@#!&$%`)
+If necessary, we will reduce characterset by cutting out symbols before reducing string length.

fighter/config/ddns/README.md

@@ -6,7 +6,7 @@ Our credentials are stored in `ddclient_secrets.env`, which is git-ignored. Addi
 So we generate the config file when it must be updated. To update the file, we can run the following command:  
 
 ```bash
-cd ~/homelab/jafner-net/config/ddns/ && \
+cd ~/homelab/fighter/config/ddns/ && \
 export $(cat ddclient_secrets.env | xargs) && \
 envsubst < ./ddclient/ddclient.template > ./ddclient/ddclient.conf && \
 unset $(grep -v '^#' ddclient_secrets.env | sed -E 's/(.*)=.*/\1/' | xargs) && \