Simplify configuration to use direct password instead of secrets

.woodpecker.yml

@@ -45,8 +45,6 @@ steps:
         from_secret: REGISTRY_USER
       REGISTRY_PASSWORD:
         from_secret: REGISTRY_PASSWORD
-      DB_PASSWORD:
-        from_secret: DB_PASSWORD
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
@@ -55,8 +53,7 @@ steps:
       - HOSTNAME=$(docker info --format "{{.Name}}")
       - echo "Deploying on $HOSTNAME"
       - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
-      # Create required secret for database password
+      # No need to create secrets, using direct environment variables
-      - echo "$${DB_PASSWORD}" | docker secret create db_password - || echo "Secret db_password already exists"
       - docker stack deploy --with-registry-auth -c stack.production.yml ploughshares
     when:
       branch: main

stack.production.yml

@@ -28,14 +28,12 @@ services:
       - POSTGRES_PORT=5432
       - POSTGRES_DB=ploughshares
       - POSTGRES_USER=ploughshares
-      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
+      - POSTGRES_PASSWORD=ploughshares_password
     networks:
       - traefik
       - ploughshares-internal
     volumes:
       - ploughshares_uploads:/app/uploads
-    secrets:
-      - db_password
     depends_on:
       - ploughshares-db
 
@@ -49,13 +47,11 @@ services:
     environment:
       - POSTGRES_DB=ploughshares
       - POSTGRES_USER=ploughshares
-      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
+      - POSTGRES_PASSWORD=ploughshares_password
     networks:
       - ploughshares-internal
     volumes:
       - ploughshares_db_data:/var/lib/postgresql/data
-    secrets:
-      - db_password
 
 volumes:
   ploughshares_db_data:
@@ -63,7 +59,3 @@ volumes:
   ploughshares_uploads:
     driver: local
 
-secrets:
-  db_password:
-    external: true
-