diff --git a/playbooks/openshift-apps/greenwave.yml b/playbooks/openshift-apps/greenwave.yml
index 8a3043d852..1ca2a0b6ba 100644
--- a/playbooks/openshift-apps/greenwave.yml
+++ b/playbooks/openshift-apps/greenwave.yml
@@ -17,19 +17,6 @@
     appowners:
     - mjia
     - dcallagh
-  # These secret roles also break if the secret already exists.  Can only be run once.
-  #- role: openshift/secret-file
-  #  app: greenwave
-  #  secret_name: greenwave-fedmsg-key
-  #  key: fedmsg-greenwave.key
-  #  privatefile: fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.stg.fedoraproject.org.key
-  #  when: env == "staging"
-  #- role: openshift/secret-file
-  #  app: greenwave
-  #  secret_name: greenwave-fedmsg-crt
-  #  key: fedmsg-greenwave.crt
-  #  privatefile: fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.stg.fedoraproject.org.crt
-  #  when: env == "staging"
   - { role: openshift/object, app: greenwave, file: imagestream.yml }
   - { role: openshift/object, app: greenwave, template: buildconfig.yml }
   - { role: openshift/start-build, app: greenwave, name: greenwave-docker-build }
diff --git a/roles/openshift-apps/greenwave/files/deploymentconfig.yml b/roles/openshift-apps/greenwave/templates/deploymentconfig.yml
similarity index 83%
rename from roles/openshift-apps/greenwave/files/deploymentconfig.yml
rename to roles/openshift-apps/greenwave/templates/deploymentconfig.yml
index dbe2e547bf..a7aa9020c6 100644
--- a/roles/openshift-apps/greenwave/files/deploymentconfig.yml
+++ b/roles/openshift-apps/greenwave/templates/deploymentconfig.yml
@@ -98,13 +98,26 @@ spec:
       - name: fedmsg-config-volume
         configMap:
           name: greenwave-fedmsg-configmap
-      # This secret volume gets set up in the playbook
       - name: fedmsg-key-volume
         secret:
           secretName: greenwave-fedmsg-key
+          items:
+          - key: fedmsg-greenwave.key
+{% if env == 'staging' %}
+            path: {{private}}/files/fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.stg.fedoraproject.org.key
+{% else %}
+            path: {{private}}/files/fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.fedoraproject.org.key
+{% endif %}
       - name: fedmsg-crt-volume
         secret:
           secretName: greenwave-fedmsg-crt
+          items:
+          - key: fedmsg-greenwave.crt
+{% if env == 'staging' %}
+            path: {{private}}/files/fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.stg.fedoraproject.org.crt
+{% else %}
+            path: {{private}}/files/fedmsg-certs/keys/greenwave-greenwave-web-greenwave.app.os.fedoraproject.org.crt
+{% endif %}
   triggers:
   - type: ImageChange
     imageChangeParams: