diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index df4559b..8128641 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -809,10 +809,22 @@ jobs:
           wait_for_rancher_bootstrap_secrets() {
             local timeout_seconds="$1"
             local deadline
+            local existing_bootstrap_password
             local force_sync
             local api_failures=0
             deadline=$(($(date +%s) + timeout_seconds))
 
+            if [ -z "${RANCHER_BOOTSTRAP_PASSWORD}" ]; then
+              for namespace in cattle-system flux-system; do
+                if existing_bootstrap_password="$(kubectl -n "${namespace}" get secret/rancher-bootstrap-password -o jsonpath='{.data.bootstrapPassword}' 2>/dev/null | base64 -d 2>/dev/null)" \
+                  && [ -n "${existing_bootstrap_password}" ]; then
+                  RANCHER_BOOTSTRAP_PASSWORD="${existing_bootstrap_password}"
+                  export RANCHER_BOOTSTRAP_PASSWORD
+                  break
+                fi
+              done
+            fi
+
             if [ -z "${RANCHER_BOOTSTRAP_PASSWORD}" ]; then
               if [ -z "${DOPPLER_HETZNERTERRA_SERVICE_TOKEN}" ]; then
                 echo "RANCHER_BOOTSTRAP_PASSWORD and DOPPLER_HETZNERTERRA_SERVICE_TOKEN are both empty; cannot seed Rancher bootstrap secret" >&2