check that jwt token is < 32 chars to prevent gitea from crashing

2020-04-04 14:06:25 +02:00 · 2020-04-04 14:06:25 +02:00 · 15a5f64e8a
parent fb6606e87e
commit 15a5f64e8a
3 changed files with 12 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -125,7 +125,8 @@ As this will only deploy config files, fail2ban already has to be installed or o
 ### Oauth2 provider configuration

 * `gitea_oauth2_enabled`: Enable the Oauth2 provider (true/false)
-* `gitea_oauth2_jwt_secret`: JWT secret
+* `gitea_oauth2_jwt_secret`: JWT secret, cannot be longer than 32 characters
+

 ### Metrics endpoint configuration

--- a/tasks/check-variables.yml
+++ b/tasks/check-variables.yml
@ -0,0 +1,7 @@
+---
+- name: run checks to ensure set variables do not crash gitea
+  block:
+    - fail:
+        msg: 'gitea_oauth2_jwt_secret cannot be longer than 32 characters. Please reduce the length of your token'
+      when: gitea_oauth2_jwt_secret | length > 32
+
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,4 +1,7 @@
 ---
+
+- include: check-variables.yml
+
 - name: "Check gitea version"
  shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
  register: gitea_active_version