Replace secrets/configs with mounted files/folders

services/authentication/docker-compose.yml

@@ -21,17 +21,14 @@ services:
       - reverse-proxy
     volumes:
       - ${NASCOMPOSE_SERVICES?}/authentication/volumes/authelia_config/:/config/
-    configs:
+      # Configuration
-      - source: authelia_configuration
+      - ${NASCOMPOSE_SERVICES?}/authentication/configs/configuration.yml:/etc/authelia/configuration.yml:ro
-        target: /etc/authelia/configuration.yml
+      - ${NASCOMPOSE_SERVICES?}/authentication/configs/access.yml:/etc/authelia/access.yml:ro
-      - source: authelia_access
+      - ${NASCOMPOSE_SERVICES?}/authentication/configs/authentication.yml:/etc/authelia/authentication.yml:ro
-        target: /etc/authelia/access.yml
+      # Secrets
-      - source: authelia_authentication
+      - ${NASCOMPOSE_SERVICES?}/authentication/secrets/jwt_secret:/run/secrets/jwt_secret:ro
-        target: /etc/authelia/authentication.yml
+      - ${NASCOMPOSE_SERVICES?}/authentication/secrets/storage_key:/run/secrets/storage_key:ro
-    secrets:
+      - ${NASCOMPOSE_SERVICES?}/authentication/secrets/smtp_password:/run/secrets/smtp_password:ro
-      - jwt_secret
-      - storage_key
-      - smtp_password
     restart: unless-stopped
     labels:
       traefik.enable: true
@@ -39,19 +36,3 @@ services:
 networks:
   reverse-proxy:
     external: true
-
-configs:
-  authelia_configuration:
-    file: ${NASCOMPOSE_SERVICES?}/authentication/configs/configuration.yml
-  authelia_access:
-    file: ${NASCOMPOSE_SERVICES?}/authentication/configs/access.yml
-  authelia_authentication:
-    file: ${NASCOMPOSE_SERVICES?}/authentication/configs/authentication.yml
-
-secrets:
-  jwt_secret:
-    file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/jwt_secret
-  storage_key:
-    file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/storage_key
-  smtp_password:
-    file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/smtp_password

services/bootstrap/docker-compose.yml

@@ -26,8 +26,8 @@ services:
     volumes:
       - /var/packages/Docker/var/docker/volumes/:/var/lib/docker/volumes/
       - ${NASCOMPOSE_SERVICES?}/bootstrap/volumes/portainer_data/:/data/
-    secrets:
+      # Secrets
-      - portainer_password
+      - ${NASCOMPOSE_SERVICES?}/bootstrap/secrets/portainer_password:/run/secrets/portainer_password:ro
     depends_on:
       - docker
     restart: unless-stopped
@@ -39,7 +39,3 @@ networks:
     name: docker
     labels:
       nas-compose.boostrap: true
-
-secrets:
-  portainer_password:
-    file: ${NASCOMPOSE_SERVICES?}/bootstrap/secrets/portainer_password

services/docker-monitoring/docker-compose.yml

@@ -13,6 +13,9 @@ services:
       WATCHTOWER_NOTIFICATION_URL: /run/secrets/watchtower_notification_url
     networks:
       - docker
+    volumes:
+      # Secrets
+      - ${NASCOMPOSE_SERVICES?}/docker-monitoring/secrets/notification_url:/run/secrets/watchtower_notification_url:ro
     secrets:
       - watchtower_notification_url
     restart: unless-stopped
@@ -20,7 +23,3 @@ services:
 networks:
   docker:
     external: true
-
-secrets:
-  watchtower_notification_url:
-    file: ${NASCOMPOSE_SERVICES?}/docker-monitoring/secrets/notification_url

services/dynamic-dns/docker-compose.yml

@@ -7,10 +7,7 @@ services:
     environment:
       - SUBDOMAINS=${NASCOMPOSE_DUCKDNS_DOMAIN?}
       - FILE__TOKEN=/run/secrets/duckdns_token
-    secrets:
+    volumes:
-      - duckdns_token
+      # Secrets
+      - ${NASCOMPOSE_SERVICES?}/dynamic-dns/secrets/duckdns_token:/run/secrets/duckdns_token:ro
     restart: unless-stopped
-
-secrets:
-  duckdns_token:
-    file: ${NASCOMPOSE_SERVICES?}/dynamic-dns/secrets/duckdns_token

services/reverse-proxy/docker-compose.macvlan.yml

@@ -6,18 +6,7 @@ services:
     networks:
       macvlan:
         ipv4_address: ${NASCOMPOSE_MACVLAN_TRAEFIK_IP?}
-    configs:
-      - source: traefik_synology
-        target: /etc/traefik/dynamic/synology.yml
-      - source: traefik_portainer
-        target: /etc/traefik/dynamic/portainer.yml
 
 networks:
   macvlan:
     external: true
-
-configs:
-  traefik_synology:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/synology.yml
-  traefik_portainer:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/portainer.yml

services/reverse-proxy/docker-compose.yml

@@ -9,24 +9,12 @@ services:
     networks:
       - reverse-proxy
       - docker
-    configs:
+    volumes:
-      - source: traefik_static
+      # Config
-        target: /etc/traefik/traefik.yml
+      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/:/etc/traefik:ro
-
+      # Secrets
-      - source: traefik_dynamic
+      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.cert:/run/secrets/traefik_tls_cert:ro
-        target: /etc/traefik/dynamic/traefik.yml
+      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.key:/run/secrets/traefik_tls_key:ro
-      - source: traefik_tls
-        target: /etc/traefik/dynamic/tls.yml
-      - source: traefik_hsts
-        target: /etc/traefik/dynamic/hsts.yml
-
-      - source: traefik_authelia
-        target: /etc/traefik/dynamic/authelia.yml
-      - source: traefik_transmission-api
-        target: /etc/traefik/dynamic/transmission-api.yml
-    secrets:
-      - traefik_tls_cert
-      - traefik_tls_key
     restart: unless-stopped
     labels:
       traefik.enable: true
@@ -39,23 +27,3 @@ networks:
 
   docker:
     external: true
-
-configs:
-  traefik_static:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/traefik.yml
-  traefik_dynamic:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/traefik.yml
-  traefik_tls:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/tls.yml
-  traefik_hsts:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/hsts.yml
-  traefik_authelia:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/authelia.yml
-  traefik_transmission-api:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/dynamic/transmission-api.yml
-
-secrets:
-  traefik_tls_cert:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.cert
-  traefik_tls_key:
-    file: ${NASCOMPOSE_SERVICES?}/reverse-proxy/secrets/traefik.key

services/scrobbler/docker-compose.yml

@@ -20,9 +20,9 @@ services:
       - scrobbler
     volumes:
       - ${NASCOMPOSE_SERVICES?}/scrobbler/volumes/plaxt_keystore/:/app/keystore/
-    secrets:
+      # Secrets
-      - trakt_id
+      - ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_id:/run/secrets/trakt_id:ro
-      - trakt_secret
+      - ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_secret:/run/secrets/trakt_secret:ro
     restart: unless-stopped
     labels:
       traefik.enable: true
@@ -34,9 +34,3 @@ networks:
 
   reverse-proxy:
     external: true
-
-secrets:
-  trakt_id:
-    file: ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_id
-  trakt_secret:
-    file: ${NASCOMPOSE_SERVICES?}/scrobbler/secrets/trakt_secret

services/torrents/docker-compose.yml

@@ -20,11 +20,13 @@ services:
     volumes:
       - ${NASCOMPOSE_SERVICES?}/torrents/volumes/qbittorrent_config/:/config/
       - ${NASCOMPOSE_DATA?}/torrents/:/data/
-      - ${NASCOMPOSE_SERVICES?}/torrents/secrets/wg0.conf:/config/wireguard/wg0.conf:ro
+      # Configuration
       - ${NASCOMPOSE_SERVICES?}/torrents/config/set_port.sh:/bin/set_port.sh:ro
       - ${NASCOMPOSE_SERVICES?}/torrents/config/01-natpmp-install:/etc/cont-init.d/01-natpmp-install:ro
       - ${NASCOMPOSE_SERVICES?}/torrents/config/98-gateway-setup:/etc/cont-init.d/98-gateway-setup:ro
       - ${NASCOMPOSE_SERVICES?}/torrents/config/99-cron-start:/etc/cont-init.d/99-cron-start:ro
+      # Secrets
+      - ${NASCOMPOSE_SERVICES?}/torrents/secrets/wg0.conf:/config/wireguard/wg0.conf:ro
     restart: unless-stopped
     labels:
       traefik.enable: true