diff --git a/.env.sample b/.env.sample
index fa58e45..d99ff47 100644
--- a/.env.sample
+++ b/.env.sample
@@ -18,6 +18,8 @@ SECRET_COLLABORATION_SERVER_SECRET_VERSION=v1
 SECRET_POSTGRES_PASSWORD_VERSION=v1
 SECRET_DB_PASSWORD_VERSION=v1
+MINIO_ROOT_PASSWORD_FILE="/run/secrets/minio_pass"
+POSTGRES_PASSWORD_FILE="/run/secrets/postgres_pass"
 ##############################################################################
 # EMAIL
@@ -31,11 +33,12 @@ DJANGO_EMAIL_PORT=1025
 # SINGLE SIGN ON
 ##############################################################################
 # NOTE: OpenID Connect (OIDC) single sign-on is **required**, see recipe README
-OIDC_OP_JWKS_ENDPOINT=https://auth.${DOMAIN}/realms/${DOMAIN}/protocol/openid-connect/certs
-OIDC_OP_AUTHORIZATION_ENDPOINT=https://auth.${DOMAIN}/realms/${DOMAIN}/protocol/openid-connect/auth
-OIDC_OP_TOKEN_ENDPOINT=https://auth.${DOMAIN}/realms/${DOMAIN}/protocol/openid-connect/token
-OIDC_OP_USER_ENDPOINT=https://auth.${DOMAIN}/realms/${DOMAIN}/protocol/openid-connect/userinfo
-OIDC_RP_CLIENT_ID=${DOMAIN}
+OIDC_REALM=yourkeycloakrealm
+OIDC_OP_JWKS_ENDPOINT=https://auth.${DOMAIN}/realms/${OIDC_REALM}/protocol/openid-connect/certs
+OIDC_OP_AUTHORIZATION_ENDPOINT=https://auth.${DOMAIN}/realms/${OIDC_REALM}/protocol/openid-connect/auth
+OIDC_OP_TOKEN_ENDPOINT=https://auth.${DOMAIN}/realms/${OIDC_REALM}/protocol/openid-connect/token
+OIDC_OP_USER_ENDPOINT=https://auth.${DOMAIN}/realms/${OIDC_REALM}/protocol/openid-connect/userinfo
+OIDC_RP_CLIENT_ID=yourkeycloakclientid
 OIDC_RP_SIGN_ALGO=RS256
 OIDC_RP_SCOPES="openid email"
 LOGIN_REDIRECT_URL=https://${DOMAIN}
diff --git a/compose.yml b/compose.yml
index 21bf2a4..cff3f02 100644
--- a/compose.yml
+++ b/compose.yml
@@ -269,6 +269,8 @@ services:
 networks:
 proxy:
 backend:
+ environment:
+ - STACK_NAME
 deploy:
 labels:
 - "traefik.enable=true"
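Review bot: The two `*_FILE` values added after `SECRET_DB_PASSWORD_VERSION=v1` are container-side paths rather than secrets, and the sample does not say so or say what they must match. They only work if compose.yml mounts secrets with the targets `minio_pass` and `postgres_pass` and passes these variables to the services that read them, presumably MinIO and Postgres; none of that is visible in this diff. I would add a comment above them, for example `# Paths of the mounted Docker secrets inside the containers; must match the secret targets in compose.yml. Never put a password value here.`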
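Review bot: `OIDC_REALM=yourkeycloakrealm` and `OIDC_RP_CLIENT_ID=yourkeycloakclientid` are syntactically valid values, so a copy of the sample deployed unedited produces four endpoint URLs for a realm that presumably does not exist, and login fails at runtime rather than at configuration time. Both lines should be marked as mandatory edits, e.g. `# REQUIRED: replace with your Keycloak realm name and the client ID registered for this app`. The endpoint lines also depend on the loader expanding `${OIDC_REALM}`; the removed lines already relied on `${DOMAIN}` expansion, so that is probably fine, but `OIDC_REALM` has to stay defined above the lines that use it.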
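Review bot: `- STACK_NAME` is the pass-through form, so the container receives whatever value the deploying environment holds and, as far as I can tell, no variable at all when it is unset; nothing in the hunk says who sets it or what in the service reads it. A one-line comment above the entry would help, e.g. `# STACK_NAME is forwarded from the deploy environment; <what consumes it>`. If the value is required, `- STACK_NAME=${STACK_NAME:?STACK_NAME must be set}` would turn a missing value into a deploy-time error, assuming the deploy tooling supports that interpolation form. The service this `environment:` key belongs to starts outside the hunk.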