diff --git a/.woodpecker.yml b/.woodpecker.yml index fad5fb3..1b44391 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -45,8 +45,6 @@ steps: from_secret: REGISTRY_USER REGISTRY_PASSWORD: from_secret: REGISTRY_PASSWORD - DB_PASSWORD: - from_secret: DB_PASSWORD volumes: - /var/run/docker.sock:/var/run/docker.sock commands: @@ -55,8 +53,7 @@ steps: - HOSTNAME=$(docker info --format "{{.Name}}") - echo "Deploying on $HOSTNAME" - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us - # Create required secret for database password - - echo "$${DB_PASSWORD}" | docker secret create db_password - || echo "Secret db_password already exists" + # No need to create secrets, using direct environment variables - docker stack deploy --with-registry-auth -c stack.production.yml ploughshares when: branch: main diff --git a/stack.production.yml b/stack.production.yml index 983977f..cff5528 100644 --- a/stack.production.yml +++ b/stack.production.yml @@ -28,14 +28,12 @@ services: - POSTGRES_PORT=5432 - POSTGRES_DB=ploughshares - POSTGRES_USER=ploughshares - - POSTGRES_PASSWORD_FILE=/run/secrets/db_password + - POSTGRES_PASSWORD=ploughshares_password networks: - traefik - ploughshares-internal volumes: - ploughshares_uploads:/app/uploads - secrets: - - db_password depends_on: - ploughshares-db @@ -49,13 +47,11 @@ services: environment: - POSTGRES_DB=ploughshares - POSTGRES_USER=ploughshares - - POSTGRES_PASSWORD_FILE=/run/secrets/db_password + - POSTGRES_PASSWORD=ploughshares_password networks: - ploughshares-internal volumes: - ploughshares_db_data:/var/lib/postgresql/data - secrets: - - db_password volumes: ploughshares_db_data: @@ -63,7 +59,3 @@ volumes: ploughshares_uploads: driver: local -secrets: - db_password: - external: true -