9cd664d91f
* autogenerate JWT_SECRETS Based on https://docs.gitea.io/en-us/command-line/#generate we will now autogenerate JWT_SECRETS if they are not defined. In my opinion a much better idea than writing a value in the default config. The check if the variables for the secrets are now 43 characters long i took out. Gitea generates itself suitable secrets, if the user given ones do not fit. * drop ansible.builtin. syntax
38 lines
1.2 KiB
YAML
38 lines
1.2 KiB
YAML
---
|
|
- name: generate OAuth2 JWT_SECRET if not provided
|
|
become: true
|
|
shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_oauth_jwt_secret'
|
|
args:
|
|
creates: '/etc/gitea/gitea_oauth_jwt_secret'
|
|
when: gitea_oauth2_jwt_secret | length == 0
|
|
|
|
- name: read OAuth2 JWT_SECRET from file
|
|
become: true
|
|
slurp:
|
|
src: '/etc/gitea/gitea_oauth_jwt_secret'
|
|
register: oauth_jwt_secret
|
|
when: gitea_oauth2_jwt_secret | length == 0
|
|
|
|
- name: set fact gitea_oauth2_jwt_secret
|
|
set_fact:
|
|
gitea_oauth2_jwt_secret: "{{ oauth_jwt_secret['content'] | b64decode }}"
|
|
when: gitea_oauth2_jwt_secret | length == 0
|
|
|
|
- name: generate LFS JWT_SECRET if not provided
|
|
become: true
|
|
shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_lfs_jwt_secret'
|
|
args:
|
|
creates: '/etc/gitea/gitea_lfs_jwt_secret'
|
|
when: gitea_lfs_jwt_secret | length == 0
|
|
|
|
- name: read LFS JWT_SECRET from file
|
|
become: true
|
|
slurp:
|
|
src: '/etc/gitea/gitea_lfs_jwt_secret'
|
|
register: lfs_jwt_secret
|
|
when: gitea_lfs_jwt_secret | length == 0
|
|
|
|
- name: set fact gitea_lfs_jwt_secret
|
|
set_fact:
|
|
gitea_lfs_jwt_secret: "{{ lfs_jwt_secret['content'] | b64decode }}"
|
|
when: gitea_lfs_jwt_secret | length == 0
|