From 16e81cd9415dce89e505ad1da0d69f73d75e7d7c Mon Sep 17 00:00:00 2001
From: Ricardo Carneiro <ricardoroberto@outlook.com>
Date: Sat, 24 Jan 2026 21:43:34 -0300
Subject: [PATCH] =?UTF-8?q?chore:=20backup=20dos=20secrets=20de=20produ?=
 =?UTF-8?q?=C3=A7=C3=A3o=20(hardcoded)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- create-secrets-prod.sh: Script pronto para criar os secrets no Swarm
- secrets-prod.env: Backup dos valores em formato .env

ATENÇÃO: Valores reais - repositório privado apenas!

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 Scripts/create-secrets-prod.sh | 50 ++++++++++++++++++++++++++++++++++
 Scripts/secrets-prod.env       | 20 ++++++++++++++
 2 files changed, 70 insertions(+)
 create mode 100644 Scripts/create-secrets-prod.sh
 create mode 100644 Scripts/secrets-prod.env

diff --git a/Scripts/create-secrets-prod.sh b/Scripts/create-secrets-prod.sh
new file mode 100644
index 0000000..1097c0d
--- /dev/null
+++ b/Scripts/create-secrets-prod.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+# =============================================================================
+# Script para criar Docker Secrets - QR Rapido PRODUÇÃO
+# VALORES REAIS - NÃO COMPARTILHAR!
+# =============================================================================
+#
+# Execute no servidor MANAGER do Docker Swarm (141.148.162.114):
+#   chmod +x create-secrets-prod.sh
+#   ./create-secrets-prod.sh
+#
+# =============================================================================
+
+set -e
+
+echo "=== Criando Docker Secrets para QR Rapido ==="
+
+# Stripe
+echo "Criando stripe_secret_key..."
+echo -n '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' | docker secret create stripe_secret_key - || echo "Já existe"
+
+echo "Criando stripe_webhook_secret..."
+echo -n 'whsec_gYri7qNVHc18sREu2eXnjdRzklwRf3hI' | docker secret create stripe_webhook_secret - || echo "Já existe"
+
+# MongoDB
+echo "Criando mongodb_connection_string..."
+echo -n 'mongodb://admin:c4rn31r0@129.146.116.218:27017,141.148.162.114:27017/QrRapido?replicaSet=rs0&authSource=admin' | docker secret create mongodb_connection_string - || echo "Já existe"
+
+# Google OAuth
+echo "Criando google_client_id..."
+echo -n '1080447252222-dqjsu999tvrpb69oj5iapckdh9g8rvha.apps.googleusercontent.com' | docker secret create google_client_id - || echo "Já existe"
+
+echo "Criando google_client_secret..."
+echo -n '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' | docker secret create google_client_secret - || echo "Já existe"
+
+# Microsoft OAuth
+echo "Criando microsoft_client_id..."
+echo -n '9bec3835-acdb-4c5a-8668-6b90955c6ad2' | docker secret create microsoft_client_id - || echo "Já existe"
+
+echo "Criando microsoft_client_secret..."
+echo -n 'Oe38Q~FsZ3X5ouptAB6oYyX7MXaGUvxXcqT.aaT9' | docker secret create microsoft_client_secret - || echo "Já existe"
+
+echo ""
+echo "=== Secrets criados! ==="
+echo ""
+docker secret ls
+
+echo ""
+echo "=== Próximos passos ==="
+echo "1. Remova o service atual: docker service rm qrrapido-prod"
+echo "2. Faça o deploy (CI/CD ou manual) para recriar com os secrets"
diff --git a/Scripts/secrets-prod.env b/Scripts/secrets-prod.env
new file mode 100644
index 0000000..6e95fda
--- /dev/null
+++ b/Scripts/secrets-prod.env
@@ -0,0 +1,20 @@
+# =============================================================================
+# SECRETS DE PRODUÇÃO - QR RAPIDO
+# BACKUP - NÃO COMPARTILHAR!
+# =============================================================================
+
+# Stripe - Produção
+STRIPE_SECRET_KEY=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
+STRIPE_WEBHOOK_SECRET=whsec_gYri7qNVHc18sREu2eXnjdRzklwRf3hI
+STRIPE_PUBLISHABLE_KEY=pk_live_51Rs42SB6bFjHQirAXIhK2fetsfH7MDYWeTT5jiRGYpIS7g5fCCT0XzLK1tIOdxUYXG4gwN4OEAzuVFw9GTmvq7iM00iJmUSZWB
+
+# MongoDB - Produção
+MONGODB_CONNECTION_STRING=mongodb://admin:c4rn31r0@129.146.116.218:27017,141.148.162.114:27017/QrRapido?replicaSet=rs0&authSource=admin
+
+# Google OAuth
+GOOGLE_CLIENT_ID=1080447252222-dqjsu999tvrpb69oj5iapckdh9g8rvha.apps.googleusercontent.com
+GOOGLE_CLIENT_SECRET=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
+
+# Microsoft OAuth
+MICROSOFT_CLIENT_ID=9bec3835-acdb-4c5a-8668-6b90955c6ad2
+MICROSOFT_CLIENT_SECRET=Oe38Q~FsZ3X5ouptAB6oYyX7MXaGUvxXcqT.aaT9