diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet
index c79ed4c..cad8812 100644
--- a/.drone/drone-home.jsonnet
+++ b/.drone/drone-home.jsonnet
@@ -8,6 +8,7 @@ local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet';
 local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet';
 local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet';
 local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet';
+local printSecrets = import 'node_modules/@sigyl/jsonnet-drone/print-secrets.libsonnet';
 
 local config = {
   registry: '',
@@ -42,6 +43,11 @@ local defs = [
     publicSecrets,
     secretSecrets,
   ),
+  printSecrets(config)(
+    [],
+    publicSecrets,
+    secretSecrets,
+  ),
   build(config)(
     [],
   ),
diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml
index 6e7d2c2..2a4f00d 100644
--- a/.drone/drone-home.yml
+++ b/.drone/drone-home.yml
@@ -100,7 +100,7 @@
    "name": "save",
    "steps": [
       {
-         "image": "appleboy/drone-ssh:1.6.3",
+         "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
          "name": "mkdir",
          "settings": {
             "envs": [
@@ -118,7 +118,7 @@
          }
       },
       {
-         "image": "appleboy/drone-ssh:1.6.3",
+         "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
          "name": "gitea/gitea:1.12.3-linux-amd64",
          "settings": {
             "envs": [
@@ -142,7 +142,7 @@
          }
       },
       {
-         "image": "appleboy/drone-ssh:1.6.3",
+         "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
          "name": "gitea",
          "settings": {
             "envs": [
@@ -215,7 +215,7 @@
                "from_secret": "gitea-server-lfs-jwt-secret"
             }
          },
-         "image": "appleboy/drone-ssh:1.6.3",
+         "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
          "name": "print env",
          "settings": {
             "envs": [
@@ -260,6 +260,89 @@
    "type": "docker"
 }
 ---
+{
+   "clone": {
+      "depth": 0,
+      "disable": false
+   },
+   "kind": "pipeline",
+   "name": "print-secrets",
+   "steps": [
+      {
+         "environment": {
+            "GITEA_APP_NAME": {
+               "from_secret": "gitea-app-name"
+            },
+            "GITEA_MAILER_FROM": {
+               "from_secret": "gitea-mailer-from"
+            },
+            "GITEA_MAILER_HOST": {
+               "from_secret": "gitea-mailer-host"
+            },
+            "GITEA_MAILER_PASSWD": {
+               "from_secret": "gitea-mailer-passwd"
+            },
+            "GITEA_MAILER_USER": {
+               "from_secret": "gitea-mailer-user"
+            },
+            "GITEA_OAUTH2_JWT_SECRET": {
+               "from_secret": "gitea-oauth2-jwt-secret"
+            },
+            "GITEA_SECURITY_INTERNAL_TOKEN": {
+               "from_secret": "gitea-security-internal-token"
+            },
+            "GITEA_SECURITY_SECRET_KEY": {
+               "from_secret": "gitea-security-secret-key"
+            },
+            "GITEA_SERVER_LFS_JWT_SECRET": {
+               "from_secret": "gitea-server-lfs-jwt-secret"
+            }
+         },
+         "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
+         "name": "print secrets command",
+         "settings": {
+            "envs": [
+               "drone_tag",
+               "drone_commit",
+               "drone_build_number",
+               "drone_repo_name",
+               "drone_repo_namespace",
+               "gitea_mailer_host",
+               "gitea_mailer_from",
+               "gitea_mailer_user",
+               "gitea_app_name",
+               "gitea_server_lfs_jwt_secret",
+               "gitea_security_secret_key",
+               "gitea_security_internal_token",
+               "gitea_oauth2_jwt_secret",
+               "gitea_mailer_passwd"
+            ],
+            "script": [
+               "rm -f env-gitea-secret",
+               "echo \"export GITEA_MAILER_HOST='$${GITEA_MAILER_HOST}'\" >> env-gitea-secret # \"gitea-mailer-host\"",
+               "echo \"export GITEA_MAILER_FROM='$${GITEA_MAILER_FROM}'\" >> env-gitea-secret # \"gitea-mailer-from\"",
+               "echo \"export GITEA_MAILER_USER='$${GITEA_MAILER_USER}'\" >> env-gitea-secret # \"gitea-mailer-user\"",
+               "echo \"export GITEA_APP_NAME='$${GITEA_APP_NAME}'\" >> env-gitea-secret # \"gitea-app-name\"",
+               "echo \"export GITEA_SERVER_LFS_JWT_SECRET='$${GITEA_SERVER_LFS_JWT_SECRET}'\" >> env-gitea-secret # \"gitea-server-lfs-jwt-secret\"",
+               "echo \"export GITEA_SECURITY_SECRET_KEY='$${GITEA_SECURITY_SECRET_KEY}'\" >> env-gitea-secret # \"gitea-security-secret-key\"",
+               "echo \"export GITEA_SECURITY_INTERNAL_TOKEN='$${GITEA_SECURITY_INTERNAL_TOKEN}'\" >> env-gitea-secret # \"gitea-security-internal-token\"",
+               "echo \"export GITEA_OAUTH2_JWT_SECRET='$${GITEA_OAUTH2_JWT_SECRET}'\" >> env-gitea-secret # \"gitea-oauth2-jwt-secret\"",
+               "echo \"export GITEA_MAILER_PASSWD='$${GITEA_MAILER_PASSWD}'\" >> env-gitea-secret # \"gitea-mailer-passwd\""
+            ]
+         }
+      }
+   ],
+   "trigger": {
+      "event": [
+         "promote"
+      ],
+      "target": [
+         "print-secrets"
+      ]
+   },
+   "type": "docker"
+}
+---
 {
    "clone": {
       "depth": 0,
@@ -387,7 +470,7 @@
                "from_secret": "gitea-server-lfs-jwt-secret"
             }
          },
-         "image": "appleboy/drone-ssh:1.6.3",
+         "image": "appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea",
          "name": "deploy",
          "settings": {
             "envs": [