homeserver/roles/tmaurice.gitea/tasks/jwt_secrets.yml
mg 651164f26f Update tmaurice.gitea (#294)
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#294
Co-authored-by: mg <michael.grote@posteo.de>
Co-committed-by: mg <michael.grote@posteo.de>
2022-01-10 09:01:52 +01:00

38 lines
1.2 KiB
YAML

---
- name: generate OAuth2 JWT_SECRET if not provided
become: true
shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_oauth_jwt_secret'
args:
creates: '/etc/gitea/gitea_oauth_jwt_secret'
when: gitea_oauth2_jwt_secret | length == 0
- name: read OAuth2 JWT_SECRET from file
become: true
slurp:
src: '/etc/gitea/gitea_oauth_jwt_secret'
register: oauth_jwt_secret
when: gitea_oauth2_jwt_secret | length == 0
- name: set fact gitea_oauth2_jwt_secret
set_fact:
gitea_oauth2_jwt_secret: "{{ oauth_jwt_secret['content'] | b64decode }}"
when: gitea_oauth2_jwt_secret | length == 0
- name: generate LFS JWT_SECRET if not provided
become: true
shell: 'umask 077; /usr/local/bin/gitea generate secret JWT_SECRET > /etc/gitea/gitea_lfs_jwt_secret'
args:
creates: '/etc/gitea/gitea_lfs_jwt_secret'
when: gitea_lfs_jwt_secret | length == 0
- name: read LFS JWT_SECRET from file
become: true
slurp:
src: '/etc/gitea/gitea_lfs_jwt_secret'
register: lfs_jwt_secret
when: gitea_lfs_jwt_secret | length == 0
- name: set fact gitea_lfs_jwt_secret
set_fact:
gitea_lfs_jwt_secret: "{{ lfs_jwt_secret['content'] | b64decode }}"
when: gitea_lfs_jwt_secret | length == 0