# .gitignore Protection Guide

**Created:** April 12, 2026  
**Purpose:** Prevent accidental commit of sensitive files

## What This File Does

This `.gitignore` protects your homelab from accidentally committing:
- ✅ `.env` files containing secrets
- ✅ Private SSH keys and certificates
- ✅ Backup files that might contain sensitive data
- ✅ Log files with access tokens
- ✅ Local configuration overrides

## Verification

Check that `.gitignore` is working:

```bash
# Create a test .env file
echo "SECRET=test123" > test.env

# Try to see if Git tracks it
git status

# You should NOT see test.env in the output
# Clean up
rm test.env
```

## Already Committed Secrets?

If secrets were already committed to Git history, see:
- [SECURITY_AUDIT_REPORT.md](documentation/SECURITY_AUDIT_REPORT.md) - Section: "Git History Cleanup"

## Related Documentation

- [SECURITY_AUDIT_REPORT.md](documentation/SECURITY_AUDIT_REPORT.md)
- [SOP-001: Secrets Management](documentation/SOPs/SOP-001-Migrate-Stack-from-UI-to-Git.md#security-considerations)