diff --git a/base-services.yml b/base-services.yml
index c5087cb..b1e4ec4 100644
--- a/base-services.yml
+++ b/base-services.yml
@@ -1,184 +1,184 @@
 version: "3.7"
 
 services:
   memcache:
     image: memcached
     deploy:
       replicas: 1
 
   db-storage:
     image: postgres:13
     deploy:
       mode: global
       placement:
         constraints:
           - node.role == manager
     command: ['-c', 'shared_buffers=4GB', '-c', 'effective_cache_size=4GB', '-c', 'random_page_cost=1.5', '-c', 'max_wal_size=4GB']
     environment:
       POSTGRES_PASSWORD_FILE: /run/secrets/postgres-password
       POSTGRES_USER: swh
       POSTGRES_DB:
       # unset POSTGRES_DB: we're handling db creation ourselves in the backend
     volumes:
       - "storage-db:/var/lib/postgresql/data:rw,Z"
     secrets:
-      - source: postgres-storage-password
+      - source: swh-mirror-db-postgres-password
         target: postgres-password
         uid: '999'
         mode: 0400
 
   db-web:
     image: postgres:13
     deploy:
       mode: global
       placement:
         constraints:
           - node.role == manager
     command: ['-c', 'shared_buffers=4GB', '-c', 'effective_cache_size=4GB', '-c', 'random_page_cost=1.5', '-c', 'max_wal_size=4GB']
     environment:
       POSTGRES_PASSWORD_FILE: /run/secrets/postgres-password
       POSTGRES_USER: swh
       POSTGRES_DB: swh-web
     volumes:
       - "web-db:/var/lib/postgresql/data:rw,Z"
     secrets:
-      - source: postgres-web-password
+      - source: swh-mirror-web-postgres-password
         target: postgres-password
         uid: '999'
         mode: 0400
 
   web:
     image: softwareheritage/web:${SWH_IMAGE_TAG:-latest}
     configs:
       - source: web
         target: /etc/softwareheritage/config.yml
     command: serve
     environment:
       PORT: "5004"
       PGHOST: db-web
       PGUSER: swh
       POSTGRES_DB: swh-web
     depends_on:
       - db-web
       - memcache
     secrets:
-      - source: postgres-web-password
+      - source: swh-mirror-web-postgres-password
         target: postgres-password
         mode: 0400
 
   objstorage:
     image: softwareheritage/base:${SWH_IMAGE_TAG:-latest}
     deploy:
       # needed to allow actual and dynammic load balancing
       endpoint_mode: dnsrr
       # a real life replicas value better be in the 16 to 64 range
       replicas: 2
       placement:
         # note: if using a local volume, you need to stick objstorage instances
         # on the node hosting the volume, eg. the manager, otherwise, if using
         # a remote/distrubuted objstorage backend (seaweedfs, cloud, etc.) you
         # want to remove this placement constraint
         constraints:
           - node.role == manager
     volumes:
       - "objstorage:/srv/softwareheritage/objects:rw,Z"
     configs:
       - source: objstorage
         target: /etc/softwareheritage/config.yml
     environment:
       PORT: "5003"
       STATSD_HOST: prometheus-statsd-exporter
       STATSD_PORT: 9125
     command: objstorage
 
   storage:
     image: softwareheritage/base:${SWH_IMAGE_TAG:-latest}
     deploy:
       # needed to allow actual and dynammic load balancing
       endpoint_mode: dnsrr
       # a real life replicas value better be in the 16 to 64 range
       replicas: 2
     configs:
       - source: storage
         target: /etc/softwareheritage/config.yml
     environment:
       PGHOST: db-storage
       PGUSER: swh
       POSTGRES_DB: swh-storage
       PORT: "5002"
       STATSD_HOST: prometheus-statsd-exporter
       STATSD_PORT: 9125
     command: storage
     depends_on:
       - db-storage
     secrets:
-      - source: postgres-storage-password
+      - source: swh-mirror-db-postgres-password
         target: postgres-password
         mode: 0400
 
   nginx:
     image: nginx
     configs:
       - source: nginx
         target: /etc/nginx/nginx.conf
     ports:
       - "5081:5081/tcp"
     deploy:
       placement:
         constraints:
           - node.role == manager
 
   prometheus:
     image: prom/prometheus
     depends_on:
     - prometheus-statsd-exporter
     command:
       # Needed for the reverse-proxy
       - "--web.external-url=/prometheus"
       - "--config.file=/etc/prometheus/prometheus.yml"
     volumes:
       - "./conf/prometheus.yml:/etc/prometheus/prometheus.yml:ro,Z"
     deploy:
       mode: global
 
   prometheus-statsd-exporter:
     image: prom/statsd-exporter
     command:
       - "--statsd.mapping-config=/etc/prometheus/statsd-mapping.yml"
     volumes:
       - "./conf/prometheus-statsd-mapping.yml:/etc/prometheus/statsd-mapping.yml:ro,Z"
 
   grafana:
     image: grafana/grafana
     depends_on:
     - prometheus
     environment:
       GF_SERVER_ROOT_URL: http://localhost:5081/grafana
     volumes:
       - "./conf/grafana/provisioning:/etc/grafana/provisioning:ro,Z"
       - "./conf/grafana/dashboards:/var/lib/grafana/dashboards:rw,Z"
 
 volumes:
   objstorage:
   storage-db:
   web-db:
 
 secrets:
-  postgres-storage-password:
+  swh-mirror-db-postgres-password:
     external: true
-  postgres-web-password:
+  swh-mirror-web-postgres-password:
     external: true
 
 configs:
   storage:
     file: conf/storage.yml
     name: storage
   objstorage:
     file: conf/objstorage.yml
     name: objstorage
   nginx:
     file: conf/nginx.conf
     name: nginx
   web:
     file: conf/web.yml
     name: web