diff --git a/.woodpecker.yml b/.woodpecker.yml
index 17e26c1..5bf02f4 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -41,13 +41,7 @@ steps:
         from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
       IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
         from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
-      # Client Secrets
-      CLIENT_SECRET_HEADSCALE:
-        from_secret: CLIENT_SECRET_HEADSCALE
-      CLIENT_SECRET_HEADADMIN:
-        from_secret: CLIENT_SECRET_HEADADMIN
-      CLIENT_SECRET_PORTAINER:
-        from_secret: CLIENT_SECRET_PORTAINER
+      # OAuth Client Secrets removed - handled by Docker Swarm secrets at runtime
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -88,13 +82,7 @@ steps:
         from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
       IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
         from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
-      # Client Secrets
-      CLIENT_SECRET_HEADSCALE:
-        from_secret: CLIENT_SECRET_HEADSCALE
-      CLIENT_SECRET_HEADADMIN:
-        from_secret: CLIENT_SECRET_HEADADMIN
-      CLIENT_SECRET_PORTAINER:
-        from_secret: CLIENT_SECRET_PORTAINER
+      # OAuth Client Secrets removed - handled by Docker Swarm secrets at runtime
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -156,13 +144,7 @@ steps:
         from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
       IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
         from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
-      # Client Secrets
-      CLIENT_SECRET_HEADSCALE:
-        from_secret: CLIENT_SECRET_HEADSCALE
-      CLIENT_SECRET_HEADADMIN:
-        from_secret: CLIENT_SECRET_HEADADMIN
-      CLIENT_SECRET_PORTAINER:
-        from_secret: CLIENT_SECRET_PORTAINER
+      # OAuth Client Secrets removed - handled by Docker Swarm secrets at runtime
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -203,13 +185,7 @@ steps:
         from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
       IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
         from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
-      # Client Secrets
-      CLIENT_SECRET_HEADSCALE:
-        from_secret: CLIENT_SECRET_HEADSCALE
-      CLIENT_SECRET_HEADADMIN:
-        from_secret: CLIENT_SECRET_HEADADMIN
-      CLIENT_SECRET_PORTAINER:
-        from_secret: CLIENT_SECRET_PORTAINER
+      # OAuth Client Secrets removed - handled by Docker Swarm secrets at runtime
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands: