Get secrets laid out

2021-05-28 11:17:49 +02:00 · 2021-05-28 11:17:49 +02:00 · 18eac8b5e0
parent 53a5079e7a
commit 18eac8b5e0
2 changed files with 22 additions and 9 deletions
--- a/.env.sample
+++ b/.env.sample
@ -73,8 +73,11 @@ ES_ENABLED=false

 # Secrets
 # =======
-SECRET_KEY_BASE=
-OTP_SECRET=
+SECRET_KEY_BASE_VERSION=v1
+SECRET_OTP_SECRET_VERSION=v1
+SECRET_VAPID_PRIVATE_KEY_VERSION=v1
+SECRET_DB_PASSWORD_VERSION=v1
+SECRET_SMTP_PASSWORD_VERSION=v1

 # Web Push
 # ========
--- a/compose.yml
+++ b/compose.yml
@ -203,13 +203,23 @@ services:
    volumes: *appVolume
    environment: *env

-# secrets:
-#   secret_key_base:
-#     name: ${STACK_NAME}_secret_key_base_${SECRET_DB_PASSWORD_VERSION}
-#     external: true
-#   otp_secret:
-#     name: ${STACK_NAME}_otp_secret_${SECRET_DB_ROOT_PASSWORD_VERSION}
-#     external: true
+secrets:
+  secret_key_base:
+    name: ${STACK_NAME}_secret_key_base_${SECRET_KEY_BASE_VERSION}
+    external: true
+  otp_secret:
+    name: ${STACK_NAME}_otp_secret_${SECRET_OTP_SECRET_VERSION}
+    external: true
+  vapid_private_key:
+    name: ${STACK_NAME}_vapid_private_key_${SECRET_VAPID_PRIVATE_KEY_VERSION}
+    external: true
+  db_password:
+    name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
+    external: true
+  smtp_password:
+    name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
+    external: true
+
 volumes:
  app:
  redis: