From d339eb1d2a48ef59662d8f4675c2ecaf665ed383 Mon Sep 17 00:00:00 2001
From: Egor Matveev <e.matveev@hh.ru>
Date: Fri, 11 Jul 2025 19:50:10 +0300
Subject: [PATCH] fix

---
 .deploy-infra/deploy-prod.yaml    | 8 +++-----
 .gitea/workflows/deploy-prod.yaml | 2 ++
 prepare/run-production.sh         | 4 ++++
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml
index 73c2f4c..8a3c6e2 100755
--- a/.deploy-infra/deploy-prod.yaml
+++ b/.deploy-infra/deploy-prod.yaml
@@ -32,12 +32,10 @@ services:
     networks:
       - common-infra-nginx
     environment:
-      AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT_SECRET'
-      AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION_SECRET'
-      AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/STORAGE_PASSWORD'
-      AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE_ENCRYPTION_KEY'
+      AUTHELIA_STORAGE_PASSWORD: $DB_PASSWORD_PROD
     volumes:
-      - '/sprint-data/authelia:/config'
+      - /sprint-data/authelia/config:/config
+      - /sprint-data/authelia/data:/var/lib/authelia
     deploy:
       mode: replicated
       replicas: 1
diff --git a/.gitea/workflows/deploy-prod.yaml b/.gitea/workflows/deploy-prod.yaml
index 5a3e0d5..f218c52 100644
--- a/.gitea/workflows/deploy-prod.yaml
+++ b/.gitea/workflows/deploy-prod.yaml
@@ -68,4 +68,6 @@ jobs:
           REDIS_PASSWORD_PROD: ${{ secrets.REDIS_PASSWORD_PROD }}
           RABBITMQ_PASSWORD_PROD: ${{ secrets.RABBITMQ_PASSWORD_PROD }}
           REGISTRATION_TOKEN: ${{ secrets.REGISTRATION_TOKEN }}
+          AUTHTHELIA_JWT_SECRET: ${{ secrets.AUTHTHELIA_JWT_SECRET }}
+          AUTHTHELIA_SESSION_SECRET: ${{ secrets.AUTHTHELIA_SESSION_SECRET }}
         run: docker stack deploy --with-registry-auth -c ./.deploy-infra/deploy-prod.yaml infra
diff --git a/prepare/run-production.sh b/prepare/run-production.sh
index 3a3226b..f53e82d 100644
--- a/prepare/run-production.sh
+++ b/prepare/run-production.sh
@@ -17,7 +17,11 @@ mkdir /sprint-data/gitea || true
 mkdir /sprint-data/clickhouse || true
 mkdir /sprint-data/grafana || true
 mkdir /sprint-data/authelia || true
+mkdir /sprint-data/authelia/config || true
+mkdir /sprint-data/authelia/data || true
 chmod 777 /sprint-data/authelia
+chmod 777 /sprint-data/authelia/config
+chmod 777 /sprint-data/authelia/data
 chmod 777 /sprint-data/redis
 chmod 777 /sprint-data/rabbitmq
 chmod 777 /sprint-data/gitea