# Node02 Secrets Directory

This directory contains TLS certificates and cluster configuration for node02.

## Files

### Required (to be populated by S3 - TLS Certificate Generation)

- `ca.crt` - Certificate Authority certificate (shared across all nodes)
- `node02.crt` - Node02 TLS certificate
- `node02.key` - Node02 TLS private key (permissions: 0400)

### Already Present

- `cluster-config.json` - Cluster configuration for Raft bootstrap

## Permissions

After copying certificates:

```bash
chmod 644 ca.crt
chmod 644 node02.crt
chmod 400 node02.key
chown root:root *
```

## Provisioning

These files will be deployed to `/etc/nixos/secrets/` during nixos-anywhere provisioning (S5).