refactor gitea

author: Jonas Gunz <himself@jonasgunz.de> 2024-01-04 22:38:36 +0100
committer: Jonas Gunz <himself@jonasgunz.de> 2024-01-04 22:38:36 +0100
commit: 95d696a55a43f38f8aa4bd8a38d448bcc593da76 (patch)
tree: cc7059b4e0184eaf0838ff4968bc032cbcd7af8a /roles/gitea/tasks/secrets.yml
parent: cb5707c4bf3face21731cfa88cf7998e26d3c6c2 (diff)
download: ansible_collection-95d696a55a43f38f8aa4bd8a38d448bcc593da76.tar.gz
1 files changed, 24 insertions, 0 deletions
diff --git a/roles/gitea/tasks/secrets.yml b/roles/gitea/tasks/secrets.yml
index cde4dd8..a5da3bb 100644
--- a/roles/gitea/tasks/secrets.yml
+++ b/roles/gitea/tasks/secrets.yml
@@ -1,4 +1,6 @@
 ---
+# Secret Key
+
 - name: Generate SECRET_KEY
   command:
     cmd: gitea generate secret SECRET_KEY
@@ -17,6 +19,8 @@
   become: yes
   when: gen_sec_key.changed
 
+# Internale Token
+
 - name: Generate INTERNAL_TOKEN
   command:
     cmd: gitea generate secret INTERNAL_TOKEN
@@ -34,3 +38,23 @@
     mode: '640'
   become: yes
   when: gen_int_tok.changed
+
+# JWT
+
+- name: Generate JWT_SECRET
+  command:
+    cmd: gitea generate secret INTERNAL_TOKEN
+    creates: /etc/gitea/jwt_secret
+  become_user: git
+  become: yes
+  register: gen_jwt_sec
+
+- name: Save JWT_SECRET
+  copy:
+    content: '{{ gen_jwt_sec.stdout }}'
+    dest: /etc/gitea/jwt_secret
+    owner: root
+    group: git
+    mode: '640'
+  become: yes
+  when: gen_jwt_sec.changed
author	Jonas Gunz <himself@jonasgunz.de>	2024-01-04 22:38:36 +0100
committer	Jonas Gunz <himself@jonasgunz.de>	2024-01-04 22:38:36 +0100
commit	95d696a55a43f38f8aa4bd8a38d448bcc593da76 (patch)
tree	cc7059b4e0184eaf0838ff4968bc032cbcd7af8a /roles/gitea/tasks/secrets.yml
parent	cb5707c4bf3face21731cfa88cf7998e26d3c6c2 (diff)
download	ansible_collection-95d696a55a43f38f8aa4bd8a38d448bcc593da76.tar.gz