service: Support setting container secrets

roles/service/tasks/main.yaml

@@ -6,6 +6,15 @@
   ansible.builtin.set_fact:
     _service_container_mounts: []
     _service_container_requires: "{{ service_requires }}"
+    _service_container_secrets: []
+
+- name: Secrets definition for {{ service_name }}
+  ansible.builtin.set_fact:
+    _service_container_secrets: "{{ _service_container_secrets + [secret | combine({'name': service_name ~ '-' ~ secret.name})] }}"
+  no_log: true
+  loop: "{{ service_container_secrets }}"
+  loop_control:
+    loop_var: secret
 
 - name: Databse for {{ service_name }}
   ansible.builtin.include_tasks: database.yaml
@@ -26,6 +35,7 @@
     container_publish_ports: "{{ service_container_publish_ports }}"
     container_networks:
       - "{{ service_name }}"
+    container_secrets: "{{ _service_container_secrets }}"
     container_env: "{{ service_container_env }}"
     container_requires: "{{ _service_container_requires }}"
     container_wants: "{{ [service_name + '-socat.socket'] if service_domains | length > 0 else [] }}"