MLO-340: secret fixes (#11)

* Updates LLM and embedding configurations to use OpenRouter and Gemini

* Renames and significantly expands environment configuration template

Renames the environment example file to a standard hidden env template to align with common conventions.

Extensively updates and reorganizes configuration options, adding detailed setup for LLM, embedding, storage backends, PostgreSQL, and overall LightRAG processing parameters.

Comments out some legacy and optional configuration lines to streamline initial setup and clarify default recommended values.

Updates gitignore to exclude various env-related files to protect sensitive keys and improve environment management.

* Updates default config with improved LLM and processing settings

* Adds openai-compatible environment file to .gitignore

* Adds new environment files to ignore list

* Refactor API key handling and PostgreSQL host naming

k8s-deploy/lightrag-minimal/templates/_helpers.tpl

@@ -73,7 +73,7 @@ PostgreSQL connection string
 */}}
 {{- define "lightrag-minimal.postgresqlHost" -}}
 {{- if .Values.postgresql.enabled }}
-{{- printf "%s-postgresql" (include "lightrag-minimal.fullname" .) }}
+{{- printf "%s-postgresql" .Release.Name }}
 {{- else }}
 {{- .Values.env.POSTGRES_HOST }}
 {{- end }}

k8s-deploy/lightrag-minimal/templates/deployment.yaml

@@ -61,7 +61,7 @@ spec:
               valueFrom:
                 secretKeyRef:
                   name: {{ include "lightrag-minimal.secretName" . }}
-                  key: openai-api-key
+                  key: llm-api-key
             
             # Embedding configuration
             - name: EMBEDDING_BINDING
@@ -70,11 +70,13 @@ spec:
               value: {{ .Values.env.EMBEDDING_MODEL | quote }}
             - name: EMBEDDING_DIM
               value: {{ .Values.env.EMBEDDING_DIM | quote }}
+            - name: EMBEDDING_BINDING_HOST
+              value: {{ .Values.env.EMBEDDING_BINDING_HOST | quote }}
             - name: EMBEDDING_BINDING_API_KEY
               valueFrom:
                 secretKeyRef:
                   name: {{ include "lightrag-minimal.secretName" . }}
-                  key: openai-api-key
+                  key: embedding-api-key
             
             # Storage configuration
             - name: LIGHTRAG_KV_STORAGE

k8s-deploy/lightrag-minimal/templates/secret.yaml

@@ -7,4 +7,6 @@ metadata:
 type: Opaque
 data:
   openai-api-key: {{ .Values.secrets.openaiApiKey | b64enc | quote }}
+  llm-api-key: {{ .Values.secrets.llmApiKey | b64enc | quote }}
+  embedding-api-key: {{ .Values.secrets.embeddingApiKey | b64enc | quote }}
   postgres-password: {{ .Values.postgresql.auth.password | b64enc | quote }}

k8s-deploy/lightrag-minimal/values.yaml

@@ -128,8 +128,11 @@ env:
 
 # Secret configuration for API keys
 secrets:
-  # Create a secret with your OpenAI API key
-  openaiApiKey: "" # Set this or create manually
+  # Create a secret with your API keys
+  openaiApiKey: "" # Legacy field, kept for backward compatibility
+  llmApiKey: "" # API key for LLM service (e.g., OpenRouter)
+  embeddingApiKey: "" # API key for embedding service (e.g., Google Gemini)
+  
 
 # Node selector and affinity
 nodeSelector: {}