.env.sample

@@ -150,7 +150,7 @@ SECRET_POSTGRES_PASSWORD_VERSION=v1
 SECRET_MEILI_MASTER_KEY_VERSION=v1
 SECRET_SEEDS_PW_VERSION=v1
 SECRET_LIVEBOOK_PASSWORD_VERSION=v1
-
+SECRET_MAIL_KEY_VERSION=v1
 SECRET_SECRET_KEY_BASE_VERSION=v1 # length=128
 SECRET_SIGNING_SALT_VERSION=v1 # length=128
 SECRET_ENCRYPTION_SALT_VERSION=v1 # length=128

compose.mail.yml

@@ -4,8 +4,12 @@ services:
   app:
     secrets:
       - mail_password
+      - mail_key
 
 secrets:
   mail_password:
     external: true
     name: ${STACK_NAME}_mail_password_${SECRET_MAIL_PASSWORD_VERSION}
+  mail_key:
+    external: true
+    name: ${STACK_NAME}_mail_key_${SECRET_MAIL_KEY_VERSION}

entrypoint.sh.tmpl

@@ -10,10 +10,15 @@ export SEEDS_PW=$(cat /run/secrets/seeds_pw)
 export LIVEBOOK_PASSWORD=$(cat /run/secrets/livebook_password)
 
 # Only read the secret when the MAIL_PASSWORD was not set to remain backwards compatible
-if [[ -z ${MAIL_PASSWORD} ]]; then
+if [ -f /run/secrets/mail_password ] && [ -z "${MAIL_PASSWORD}" ]; then
     export MAIL_PASSWORD=$(cat /run/secrets/mail_password)
 fi
 
+# Only read the secret when the MAIL_KEY was not set to remain backwards compatible
+if [ -f /run/secrets/mail_key ] && [ -z "${MAIL_KEY}" ]; then
+    export MAIL_KEY=$(cat /run/secrets/mail_key)
+fi
+
 echo "....Secrets have been loaded, now run $@...."
 
 # This will exec the CMD from your Dockerfile