--- - name: generate OAuth2 JWT_SECRET if not provided become: true ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_oauth_jwt_secret' args: creates: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret' when: gitea_oauth2_jwt_secret | length == 0 - name: read OAuth2 JWT_SECRET from file become: true ansible.builtin.slurp: src: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret' register: oauth_jwt_secret when: gitea_oauth2_jwt_secret | length == 0 - name: set fact gitea_oauth2_jwt_secret ansible.builtin.set_fact: gitea_oauth2_jwt_secret: "{{ oauth_jwt_secret['content'] | b64decode }}" when: gitea_oauth2_jwt_secret | length == 0 - name: generate LFS JWT_SECRET if not provided become: true ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_lfs_jwt_secret' args: creates: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret' when: gitea_lfs_jwt_secret | length == 0 - name: read LFS JWT_SECRET from file become: true ansible.builtin.slurp: src: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret' register: lfs_jwt_secret when: gitea_lfs_jwt_secret | length == 0 - name: set fact gitea_lfs_jwt_secret ansible.builtin.set_fact: gitea_lfs_jwt_secret: "{{ lfs_jwt_secret['content'] | b64decode }}" when: gitea_lfs_jwt_secret | length == 0