diff --git a/nodes/heimdall/docker_registry/compose.yaml b/nodes/heimdall/docker_registry/compose.yaml
index 9bd42f8..f6a91b3 100644
--- a/nodes/heimdall/docker_registry/compose.yaml
+++ b/nodes/heimdall/docker_registry/compose.yaml
@@ -1,20 +1,23 @@
 services:
 registry:
 image: registry:2
- container_name: docker_registry
 restart: always
 environment:
 - REGISTRY_AUTH=htpasswd
 - REGISTRY_AUTH_HTPASSWD_REALM=Registry
- - REGISTRY_AUTH_HTPASSWD_PATH=/run/secrets/registry_htpasswd
+ # We point this to a path that we will 'fake' inside the container
+ - REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd
 - REGISTRY_STORAGE_DELETE_ENABLED=true
 - REGISTRY_HTTP_SECRET=something_very_random_and_long
+ # We pass the raw hash string here
+ - HT_CONTENTS=${REGISTRY_AUTH_HTPASSWD_CONTENTS}
+ # Create the file on the fly before the registry starts
+ command: >
+ sh -c "mkdir -p /auth && echo \"$$HT_CONTENTS\" > /auth/htpasswd && exec bin/registry serve /etc/docker/registry/config.yml"
 volumes:
 - /mnt/appdata/docker_registry/data:/var/lib/registry
 networks:
 - proxy-net
- secrets:
- - registry_htpasswd
 labels:
 - traefik.enable=true
 - traefik.http.routers.registry.rule=Host(`registry.castaldifamily.com`)
@@ -22,10 +25,6 @@ services:
 - traefik.http.routers.registry.tls.certresolver=cloudflare
 - traefik.http.services.registry.loadbalancer.server.port=5000

-secrets:
- registry_htpasswd:
- external: true
-
 networks:
 proxy-net:
 name: proxy-net
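Review bot: Passing the htpasswd contents through `HT_CONTENTS` moves the credential hashes out of a mounted secret file and into the container environment, where they show up in `docker inspect` output and are readable by anything that can see the process environment; the `command:` wrapper then writes them to `/auth/htpasswd` with the default umask. A file-based source avoids both: drop `HT_CONTENTS` and the `command:` override and mount the file read-only under `volumes:`, e.g. `- <HOST_HTPASSWD_PATH>:/auth/htpasswd:ro` (placeholder path), which also keeps the image's own entrypoint instead of the relative `bin/registry` call. If the environment approach stays, bcrypt hashes contain `$`, so the value presumably has to pass through Compose interpolation unchanged, and `printf '%s\n' "$$HT_CONTENTS"` is more predictable than `echo` for arbitrary strings. Separately, the unchanged line `REGISTRY_HTTP_SECRET=something_very_random_and_long` is a literal in a tracked file and would be better supplied from outside the repository. The `registry` service definition continues past the end of this hunk.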