From 6fbb718cad72183112be34dd76cdc58127b861ad Mon Sep 17 00:00:00 2001
From: Luke Murphy <lukewm@riseup.net>
Date: Thu, 31 Dec 2020 15:26:15 +0100
Subject: [PATCH] Use `PASSWORD` secret convention

See https://git.autonomic.zone/coop-cloud/abra/pulls/33.
---
 .drone.yml  | 12 ++++++------
 .env.sample | 15 ++++++++-------
 compose.yml | 14 ++++++++------
 3 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 9fce15e..24b0186 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -28,12 +28,12 @@ steps:
       GITEA_MAILER_USER: foo@example.com
       GITEA_SSH_PORT: 2222
       APP_INI_VERSION: v1
-      DB_PASSWD_VERSION: v1
-      DB_ROOT_PASSWD_VERSION: v1
-      INTERNAL_TOKEN_VERSION: v1
-      JWT_SECRET_VERSION: v1
-      SECRET_KEY_VERSION: v1
-      SMTP_PASSWD_VERSION: v1
+      SECRET_DB_PASSWORD_VERSION: v1
+      SECRET_DB_ROOT_PASSWORD_VERSION: v1
+      SECRET_INTERNAL_TOKEN_VERSION: v1
+      SECRET_JWT_SECRET_VERSION: v1
+      SECRET_SECRET_KEY_VERSION: v1
+      SECRET_SMTP_PASSWORD_VERSION: v1
 trigger:
   branch:
     - master
diff --git a/.env.sample b/.env.sample
index 1e1695b..eeec261 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,4 +1,4 @@
-APP=gitea
+TYPE=gitea
 STACK_NAME=gitea
 
 DOMAIN=git.autonomic.zone
@@ -20,9 +20,10 @@ GITEA_MAILER_USER=noreply@autonomic.zone
 GITEA_SSH_PORT=2222
 
 APP_INI_VERSION=v2
-DB_PASSWD_VERSION=v1
-DB_ROOT_PASSWD_VERSION=v1
-INTERNAL_TOKEN_VERSION=v1
-JWT_SECRET_VERSION=v1
-SECRET_KEY_VERSION=v1
-SMTP_PASSWD_VERSION=v1
+
+SECERT_INTERNAL_TOKEN_VERSION=v1  # length=105
+SECRET_DB_PASSWORD_VERSION=v1
+SECRET_DB_ROOT_PASSWORD_VERSION=v1
+SECRET_JWT_SECRET_VERSION=v1  # length=43
+SECRET_SECRET_KEY_VERSION=v1  # length=64
+SECRET_SMTP_PASSWORD_VERSION=v1
diff --git a/compose.yml b/compose.yml
index a364590..b51fac1 100644
--- a/compose.yml
+++ b/compose.yml
@@ -85,24 +85,26 @@ configs:
     file: app.ini.tmpl
     template_driver: golang
 
+# Note(decentral1se): migrate from passwd -> password
+# See https://git.autonomic.zone/coop-cloud/abra/pulls/33
 secrets:
   db_passwd:
-    name: ${STACK_NAME}_db_passwd_${DB_PASSWD_VERSION}
+    name: ${STACK_NAME}_db_passwd_${SECRET_DB_PASSWORD_VERSION}
     external: true
   db_root_passwd:
-    name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
+    name: ${STACK_NAME}_db_root_passwd_${SECRET_DB_ROOT_PASSWORD_VERSION}
     external: true
   internal_token:
-    name: ${STACK_NAME}_internal_token_${INTERNAL_TOKEN_VERSION}
+    name: ${STACK_NAME}_internal_token_${SECRET_INTERNAL_TOKEN_VERSION}
     external: true
   jwt_secret:
-    name: ${STACK_NAME}_jwt_secret_${JWT_SECRET_VERSION}
+    name: ${STACK_NAME}_jwt_secret_${SECRET_JWT_SECRET_VERSION}
     external: true
   secret_key:
-    name: ${STACK_NAME}_secret_key_${SECRET_KEY_VERSION}
+    name: ${STACK_NAME}_secret_key_${SECRET_SECRET_KEY_VERSION}
     external: true
   smtp_passwd:
-    name: ${STACK_NAME}_smtp_passwd_${SMTP_PASSWD_VERSION}
+    name: ${STACK_NAME}_smtp_passwd_${SECRET_SMTP_PASSWORD_VERSION}
     external: true
 
 volumes: