1
1
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_gitea.git synced 2024-08-16 11:39:50 +02:00
ansible_role_gitea/tasks/jwt_secrets.yml

38 lines
1.4 KiB
YAML

---
- name: generate OAuth2 JWT_SECRET if not provided
become: true
ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
args:
creates: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
when: gitea_oauth2_jwt_secret | length == 0
- name: read OAuth2 JWT_SECRET from file
become: true
ansible.builtin.slurp:
src: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
register: oauth_jwt_secret
when: gitea_oauth2_jwt_secret | length == 0
- name: set fact gitea_oauth2_jwt_secret
ansible.builtin.set_fact:
gitea_oauth2_jwt_secret: "{{ oauth_jwt_secret['content'] | b64decode }}"
when: gitea_oauth2_jwt_secret | length == 0
- name: generate LFS JWT_SECRET if not provided
become: true
ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
args:
creates: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
when: gitea_lfs_jwt_secret | length == 0
- name: read LFS JWT_SECRET from file
become: true
ansible.builtin.slurp:
src: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
register: lfs_jwt_secret
when: gitea_lfs_jwt_secret | length == 0
- name: set fact gitea_lfs_jwt_secret
ansible.builtin.set_fact:
gitea_lfs_jwt_secret: "{{ lfs_jwt_secret['content'] | b64decode }}"
when: gitea_lfs_jwt_secret | length == 0