From 95d696a55a43f38f8aa4bd8a38d448bcc593da76 Mon Sep 17 00:00:00 2001
From: Jonas Gunz <himself@jonasgunz.de>
Date: Thu, 4 Jan 2024 22:38:36 +0100
Subject: refactor gitea

---
 roles/gitea/tasks/secrets.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'roles/gitea/tasks/secrets.yml')

diff --git a/roles/gitea/tasks/secrets.yml b/roles/gitea/tasks/secrets.yml
index cde4dd8..a5da3bb 100644
--- a/roles/gitea/tasks/secrets.yml
+++ b/roles/gitea/tasks/secrets.yml
@@ -1,4 +1,6 @@
 ---
+# Secret Key
+
 - name: Generate SECRET_KEY
   command:
     cmd: gitea generate secret SECRET_KEY
@@ -17,6 +19,8 @@
   become: yes
   when: gen_sec_key.changed
 
+# Internale Token
+
 - name: Generate INTERNAL_TOKEN
   command:
     cmd: gitea generate secret INTERNAL_TOKEN
@@ -34,3 +38,23 @@
     mode: '640'
   become: yes
   when: gen_int_tok.changed
+
+# JWT
+
+- name: Generate JWT_SECRET
+  command:
+    cmd: gitea generate secret INTERNAL_TOKEN
+    creates: /etc/gitea/jwt_secret
+  become_user: git
+  become: yes
+  register: gen_jwt_sec
+
+- name: Save JWT_SECRET
+  copy:
+    content: '{{ gen_jwt_sec.stdout }}'
+    dest: /etc/gitea/jwt_secret
+    owner: root
+    group: git
+    mode: '640'
+  become: yes
+  when: gen_jwt_sec.changed
-- 
cgit v1.2.3