1
0
Fork 0

drone: encrypt secrets

This commit is contained in:
Lukáš Kucharczyk 2023-12-07 11:28:33 +01:00
parent f9d60040a3
commit e9de65677e
Signed by: lukas
SSH Key Fingerprint: SHA256:vMuSwvwAvcT6htVAioMP7rzzwMQNi3roESyhv+nAxeg
3 changed files with 6 additions and 3 deletions

BIN
secrets/drone.env Normal file

Binary file not shown.

View File

@ -1,3 +1,2 @@
DRONE_RPC_SECRET=c9abde046b241975770a775fca86e4c9
DRONE_SERVER_HOST=drone.${DOMAIN} DRONE_SERVER_HOST=drone.${DOMAIN}
DRONE_RPC_HOST=${DRONE_SERVER_HOST} DRONE_RPC_HOST=${DRONE_SERVER_HOST}

View File

@ -10,12 +10,14 @@ services:
- ${DOCKER_STORAGE_PATH}/drone:/data - ${DOCKER_STORAGE_PATH}/drone:/data
env_file: env_file:
- drone.env - drone.env
- ../../secrets/drone.env
environment: environment:
- DRONE_GITEA_CLIENT_ID=0d11d359-a420-4a66-a04c-0a136448b7e7 - DRONE_GITEA_CLIENT_ID=${DRONE_GITEA_CLIENT_ID_VALUE}
- DRONE_GITEA_CLIENT_SECRET=Qx0LqE0Qb-M3MZAiojtlILRY3nfNzOiUUTdOCpW7Feo= - DRONE_GITEA_CLIENT_SECRET=${DRONE_GITEA_CLIENT_SECRET_VALUE}
- DRONE_GITEA_SERVER=https://git.${DOMAIN} - DRONE_GITEA_SERVER=https://git.${DOMAIN}
- DRONE_SERVER_PROTO=https - DRONE_SERVER_PROTO=https
- DRONE_USER_CREATE=username:lukas,admin:true - DRONE_USER_CREATE=username:lukas,admin:true
- DRONE_RPC_SECRET=${DRONE_RPC_SECRET_VALUE}
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -30,10 +32,12 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
env_file: env_file:
- drone.env - drone.env
- ../../secrets/drone.env
environment: environment:
- DRONE_RPC_PROTO=https - DRONE_RPC_PROTO=https
- DRONE_RUNNER_CAPACITY=1 - DRONE_RUNNER_CAPACITY=1
- DRONE_RUNNER_NAME=nas-docker-runner - DRONE_RUNNER_NAME=nas-docker-runner
- DRONE_RPC_SECRET=${DRONE_RPC_SECRET_VALUE}
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped