From abd1365a473e54467cc334ee90b9f52efbd31506 Mon Sep 17 00:00:00 2001
From: decentral1se <hi@decentral1.se>
Date: Fri, 11 Jun 2021 16:03:03 +0200
Subject: [PATCH] Add env and secrets

---
 .env.sample |  6 ++++++
 compose.yml | 16 ++++++++++++++++
 2 files changed, 22 insertions(+)

diff --git a/.env.sample b/.env.sample
index 31a2135..09d6493 100644
--- a/.env.sample
+++ b/.env.sample
@@ -2,3 +2,9 @@ TYPE=keycloak-collective-portal
 
 DOMAIN=keycloak-collective-portal.example.com
 LETS_ENCRYPT_ENV=production
+
+KEYCLOAK_DOMAIN=foobar.com
+KEYCLOAK_CLIENT_ID=barfoo
+
+SECRET_APP_SECRET_KEY=v1
+SECRET_KEYCLOAK_CLIENT_SECRET=v1
diff --git a/compose.yml b/compose.yml
index b8bc5c2..e61bd3c 100644
--- a/compose.yml
+++ b/compose.yml
@@ -25,6 +25,14 @@ services:
 
   app:
     image: "decentral1se/keycloak-collective-portal:latest"
+    environment:
+      - APP_SECRET_KEY=/run/secrets/app_secret_key
+      - KEYCLOAK_CLIENT_ID
+      - KEYCLOAK_CLIENT_SECRET_FILE=/run/secrets/client_secret
+      - KEYCLOAK_DOMAIN
+    secrets:
+      - app_secret_key
+      - keycloak_client_secret
     networks:
       - internal
     configs:
@@ -49,3 +57,11 @@ configs:
     name: ${STACK_NAME}_entrypoint_conf_${ENTRYPOINT_CONF_VERSION}
     file: entrypoint.sh.tmpl
     template_driver: golang
+
+secrets:
+  app_secret_key:
+    external: true
+    name: ${STACK_NAME}_app_secret_key_${SECRET_APP_SECRET_KEY}
+  keycloak_client_secret:
+    external: true
+    name: ${STACK_NAME}_keycloak_client_secret_${SECRET_KEYCLOAK_CLIENT_SECRET}