diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml
index f136b5e..01613bf 100644
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -61,10 +61,10 @@ jobs:
 
       - name: Publish generic packages
         env:
-          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
+          TOKEN: ${{ secrets.TOKEN }}
         run: |
-          if [[ -z "${GITEA_TOKEN}" ]]; then
-            echo "GITEA_TOKEN missing; skipping generic packages"
+          if [[ -z "${TOKEN}" ]]; then
+            echo "TOKEN missing; skipping generic packages"
             exit 0
           fi
           OWNER="${GITHUB_REPOSITORY%/*}"
@@ -73,22 +73,22 @@ jobs:
           for file in dist/*; do
             name=$(basename "$file")
             curl -sSf -X PUT \
-              -H "Authorization: token ${GITEA_TOKEN}" \
+              -H "Authorization: token ${TOKEN}" \
               --upload-file "$file" \
               "${GITHUB_SERVER_URL}/api/packages/${OWNER}/generic/${REPO}/${VERSION}/${name}"
           done
 
       - name: Build and push OCI images
         env:
-          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
-          GITEA_USERNAME: ${{ secrets.GITEA_USERNAME }}
+          TOKEN: ${{ secrets.TOKEN }}
+          USERNAME: ${{ secrets.USERNAME }}
         run: |
-          if [[ -z "${GITEA_TOKEN}" || -z "${GITEA_USERNAME}" ]]; then
-            echo "GITEA_TOKEN or GITEA_USERNAME missing; skipping OCI"
+          if [[ -z "${TOKEN}" || -z "${USERNAME}" ]]; then
+            echo "TOKEN or USERNAME missing; skipping OCI"
             exit 0
           fi
           VERSION="${{ steps.version.outputs.version }}"
-          echo "${GITEA_TOKEN}" | docker login git.dvv.one -u "${GITEA_USERNAME}" --password-stdin
+          echo "${TOKEN}" | docker login git.dvv.one -u "${USERNAME}" --password-stdin
 
           cat > Dockerfile.relay <<'DOCKER'
           FROM debian:bookworm-slim
@@ -120,16 +120,16 @@ DOCKER
 
       - name: Publish Cargo packages
         env:
-          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
+          TOKEN: ${{ secrets.TOKEN }}
           CARGO_REGISTRIES_GITEA_INDEX: sparse+https://git.dvv.one/api/packages/${{ github.repository_owner }}/cargo/
-          CARGO_REGISTRIES_GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
+          CARGO_REGISTRIES_GITEA_TOKEN: ${{ secrets.TOKEN }}
         run: |
           if [[ "${GITHUB_REF}" != refs/tags/* ]]; then
             echo "Not a tag; skipping cargo publish"
             exit 0
           fi
-          if [[ -z "${GITEA_TOKEN}" ]]; then
-            echo "GITEA_TOKEN missing; skipping cargo publish"
+          if [[ -z "${TOKEN}" ]]; then
+            echo "TOKEN missing; skipping cargo publish"
             exit 0
           fi
           TAG="${GITHUB_REF#refs/tags/}"
@@ -164,10 +164,10 @@ PY
 
       - name: Create release
         env:
-          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
+          TOKEN: ${{ secrets.TOKEN }}
         run: |
-          if [[ -z "${GITEA_TOKEN}" ]]; then
-            echo "GITEA_TOKEN missing; skipping release"
+          if [[ -z "${TOKEN}" ]]; then
+            echo "TOKEN missing; skipping release"
             exit 0
           fi
           OWNER="${GITHUB_REPOSITORY%/*}"
@@ -188,7 +188,7 @@ print(json.dumps({
 PY
 )
           release=$(curl -sSf -X POST \
-            -H "Authorization: token ${GITEA_TOKEN}" \
+            -H "Authorization: token ${TOKEN}" \
             -H "Content-Type: application/json" \
             -d "$payload" \
             "${GITHUB_SERVER_URL}/api/v1/repos/${OWNER}/${REPO}/releases")
@@ -202,7 +202,7 @@ PY
           for file in dist/*; do
             name=$(basename "$file")
             curl -sSf -X POST \
-              -H "Authorization: token ${GITEA_TOKEN}" \
+              -H "Authorization: token ${TOKEN}" \
               -F "attachment=@${file}" \
               "${GITHUB_SERVER_URL}/api/v1/repos/${OWNER}/${REPO}/releases/${release_id}/assets?name=${name}"
           done