fix: remove various secrets

roles/docker-deployments/templates/hedgedoc.yaml

@@ -3,7 +3,7 @@ services:
     image: postgres:15-alpine
     environment:
       - POSTGRES_USER=hedgedoc
-      - POSTGRES_PASSWORD=HISTORY_PURGED_SECRET
+      - POSTGRES_PASSWORD={{ hedgedoc_db_password }}
       - POSTGRES_DB=hedgedoc
     volumes:
       - /data/hedgedoc/pgsql:/var/lib/postgresql/data
@@ -12,7 +12,7 @@ services:
     # Make sure to use the latest release from https://hedgedoc.org/latest-release
     image: quay.io/hedgedoc/hedgedoc:latest
     environment:
-      - CMD_DB_URL=postgres://hedgedoc:HISTORY_PURGED_SECRET@database:5432/hedgedoc
+      - CMD_DB_URL=postgres://hedgedoc:{{ hedgedoc_db_password }}@database:5432/hedgedoc
       - CMD_DOMAIN=hedgedoc.atlantishq.de
       - CMD_PROTOCOL_USESSL=true
       - CMD_ALLOW_ORIGIN=['hedgedoc.atlantishq.de']
@@ -22,7 +22,7 @@ services:
       - CMD_OAUTH2_TOKEN_URL=https://{{ keycloak_address }}/realms/master/protocol/openid-connect/token
       - CMD_OAUTH2_AUTHORIZATION_URL=https://{{ keycloak_address }}/realms/master/protocol/openid-connect/auth
       - CMD_OAUTH2_CLIENT_ID=z_hedgedoc
-      - CMD_OAUTH2_CLIENT_SECRET=HISTORY_PURGED_SECRET
+      - CMD_OAUTH2_CLIENT_SECRET={{ keycloak_clients['hedgedoc']['client_secret'] }}
       - CMD_OAUTH2_SCOPE=openid email profile
       - CMD_OAUTH2_ROLES_CLAIM=roles
       - CMD_OAUTH2_PROVIDERNAME=AtlantisHQ Auth

roles/docker-deployments/templates/money-balancer.yaml

@@ -7,7 +7,7 @@ services:
     volumes:
       - /data/money-balancer:/data
     environment:
-      - MONEYBALANCER_JWT_SECRET=HISTORY_PURGED_SECRET
+      - MONEYBALANCER_JWT_SECRET={{ money_balancer_jwt_secret }}
       - MONEYBALANCER_AUTH_LOCAL_ENABLED=false
       - MONEYBALANCER_AUTH_PROXY_ENABLED=true
       - MONEYBALANCER_AUTH_PROXY_HEADERS_USERNAME=x-forwarded-preferred-username