1
0
Fork 0

drone: encrypt secrets

This commit is contained in:
Lukáš Kucharczyk 2023-12-07 11:28:33 +01:00
parent f9d60040a3
commit fcee30acef
Signed by: lukas
SSH Key Fingerprint: SHA256:vMuSwvwAvcT6htVAioMP7rzzwMQNi3roESyhv+nAxeg
3 changed files with 8 additions and 3 deletions

BIN
secrets/drone.env Normal file

Binary file not shown.

View File

@ -1,3 +1,2 @@
DRONE_RPC_SECRET=c9abde046b241975770a775fca86e4c9
DRONE_SERVER_HOST=drone.${DOMAIN} DRONE_SERVER_HOST=drone.${DOMAIN}
DRONE_RPC_HOST=${DRONE_SERVER_HOST} DRONE_RPC_HOST=${DRONE_SERVER_HOST}

View File

@ -10,9 +10,12 @@ services:
- ${DOCKER_STORAGE_PATH}/drone:/data - ${DOCKER_STORAGE_PATH}/drone:/data
env_file: env_file:
- drone.env - drone.env
- ../../secrets/drone.env
environment: environment:
- DRONE_GITEA_CLIENT_ID=0d11d359-a420-4a66-a04c-0a136448b7e7 # encrypted
- DRONE_GITEA_CLIENT_SECRET=Qx0LqE0Qb-M3MZAiojtlILRY3nfNzOiUUTdOCpW7Feo= # - DRONE_GITEA_CLIENT_ID=
# - DRONE_GITEA_CLIENT_SECRET=
# - DRONE_RPC_SECRET=
- DRONE_GITEA_SERVER=https://git.${DOMAIN} - DRONE_GITEA_SERVER=https://git.${DOMAIN}
- DRONE_SERVER_PROTO=https - DRONE_SERVER_PROTO=https
- DRONE_USER_CREATE=username:lukas,admin:true - DRONE_USER_CREATE=username:lukas,admin:true
@ -30,7 +33,10 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
env_file: env_file:
- drone.env - drone.env
- ../../secrets/drone.env
environment: environment:
# encrypted
# - DRONE_RPC_SECRET=
- DRONE_RPC_PROTO=https - DRONE_RPC_PROTO=https
- DRONE_RUNNER_CAPACITY=1 - DRONE_RUNNER_CAPACITY=1
- DRONE_RUNNER_NAME=nas-docker-runner - DRONE_RUNNER_NAME=nas-docker-runner