
author Nemo <me@captnemo.in> 2019-06-02 15:41:06.0 +05:30:00
committer Nemo <me@captnemo.in> 2019-06-02 15:41:06.0 +05:30:00
commit
1617061f5170da9579053923ffbadf93bcd55a81 [patch]
tree
7f2781759c74e89f8b4bfdab952b1d2b1d96f56d
parent
63facbde70f158cb939ab9297e3e1aaea54a77a3

[gitea] New release forces oauth2 on everyone



Diff

 main.tf                 | 17 ++++++++++++-----
 secrets.tf              |  4 ++++
 gitea/data.tf           | 11 +++++++----
 gitea/variables.tf      |  1 +
 gitea/conf/conf.ini.tpl |  9 ++++++++-
 5 files changed, 27 insertions(+), 15 deletions(-)

diff --git a/main.tf b/main.tf
index 35608b8..2e74634 100644
--- a/main.tf
+++ a/main.tf
@@ -34,14 +34,15 @@
}

module "gitea" {

  source         = "gitea"
  domain         = "git.captnemo.in"
  traefik-labels = "${var.traefik-common-labels}"
  ips            = "${var.ips}"
  secret-key     = "${data.pass_password.gitea-secret-key.password}"
  internal-token = "${data.pass_password.gitea-internal-token.password}"
  smtp-password  = "${data.pass_password.gitea-smtp-password.password}"
  lfs-jwt-secret = "${data.pass_password.gitea-lfs-jwt-secret.password}"
  source            = "gitea"
  domain            = "git.captnemo.in"
  traefik-labels    = "${var.traefik-common-labels}"
  ips               = "${var.ips}"
  secret-key        = "${data.pass_password.gitea-secret-key.password}"
  internal-token    = "${data.pass_password.gitea-internal-token.password}"
  smtp-password     = "${data.pass_password.gitea-smtp-password.password}"
  lfs-jwt-secret    = "${data.pass_password.gitea-lfs-jwt-secret.password}"
  oauth2-jwt-secret = "${data.pass_password.gitea-oauth2-jwt-secret.password}"

  //passed, but not used
  mysql-password = ""
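Review bot: The new `oauth2-jwt-secret` argument is fed from `data.pass_password.gitea-oauth2-jwt-secret.password`, and Terraform records data source attributes in its state, so this secret will sit in the state file in plaintext next to the four already passed here. The same value flows on through the new data source in secrets.tf and the `vars` map in gitea/data.tf, where the rendered template presumably lands in state as well. Nothing in this commit shows how state is stored, so it is worth confirming that the state file is kept out of the repository and on an encrypted, access-restricted backend. A short comment above the secret arguments, e.g. `// secrets below are persisted in tfstate; keep state encrypted and out of git`, would record that. The `module "gitea"` block continues past the end of the hunk.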
diff --git a/secrets.tf b/secrets.tf
index c312eef..7511d6d 100644
--- a/secrets.tf
+++ a/secrets.tf
@@ -18,6 +18,10 @@
  path = "GITEA_SECRET_KEY"
}

data "pass_password" "gitea-oauth2-jwt-secret" {

  path = "GITEA_OAUTH2_JWT_SECRET"
}

data "pass_password" "gf-security-admin-password" {

  path = "GRAFANA_ADMIN_PASSWORD"
}
diff --git a/gitea/data.tf b/gitea/data.tf
index aa45624..460f9f9 100644
--- a/gitea/data.tf
+++ a/gitea/data.tf
@@ -12,10 +12,11 @@
  template = "${file("${path.module}/conf/conf.ini.tpl")}"

  vars {

    secret_key     = "${var.secret-key}"
    internal_token = "${var.internal-token}"
    smtp_password  = "${var.smtp-password}"
    lfs-jwt-secret = "${var.lfs-jwt-secret}"
    mysql-password = "${var.mysql-password}"
    secret_key        = "${var.secret-key}"
    internal_token    = "${var.internal-token}"
    smtp_password     = "${var.smtp-password}"
    lfs-jwt-secret    = "${var.lfs-jwt-secret}"
    mysql-password    = "${var.mysql-password}"
    oauth2-jwt-secret = "${var.oauth2-jwt-secret}"
  }
}
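Review bot: The `vars` map mixes two key styles, `secret_key`/`internal_token`/`smtp_password` with underscores and `lfs-jwt-secret`/`mysql-password`/`oauth2-jwt-secret` with hyphens, and the new key extends the hyphenated set. The template has to reference each key by its exact spelling, so the mix makes a typo in conf.ini.tpl easier to miss. Picking one style for new keys, e.g. `oauth2_jwt_secret = "${var.oauth2-jwt-secret}"` here with `${oauth2_jwt_secret}` in the template, would keep them consistent. The enclosing data block starts above the hunk.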
diff --git a/gitea/variables.tf b/gitea/variables.tf
index 093e8dc..5457f6f 100644
--- a/gitea/variables.tf
+++ a/gitea/variables.tf
@@ -12,6 +12,7 @@
variable "internal-token" {}
variable "smtp-password" {}
variable "lfs-jwt-secret" {}
variable "oauth2-jwt-secret" {}
variable "mysql-password" {}

variable "traefik-network-id" {}
diff --git a/gitea/conf/conf.ini.tpl b/gitea/conf/conf.ini.tpl
index e7a58c0..b931518 100644
--- a/gitea/conf/conf.ini.tpl
+++ a/gitea/conf/conf.ini.tpl
@@ -129,8 +129,8 @@
MIN_PASSWORD_LENGTH = 10
IMPORT_LOCAL_PATHS = true
DISABLE_GIT_HOOKS = true
SECRET_KEY     = ${secret_key}
INTERNAL_TOKEN = ${internal_token}
SECRET_KEY     = "${secret_key}"
INTERNAL_TOKEN = "${internal_token}"

[service]
; ; More detail: https://github.com/gogits/gogs/issues/165
@@ -297,3 +297,8 @@
CLONE = 300
PULL = 300
GC = 60

[oauth2]
ENABLE = false
; this is same as JWT secret above
JWT_SECRET = "${oauth2-jwt-secret}"
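Review bot: The comment `; this is same as JWT secret above` in the new `[oauth2]` section reads as if the OAuth2 signing secret were the same value as the LFS one, while the commit wires in a separate pass entry (`GITEA_OAUTH2_JWT_SECRET`); the two should stay distinct, and the comment could say so, e.g. `; same format as the LFS JWT secret, but a separate value`. The setting it refers to is outside this hunk, so that reading is inferred. It would also help to note why a secret is set while `ENABLE = false`: as far as I recall, Gitea generates a `JWT_SECRET` and tries to write it back to app.ini when none (or a malformed one) is present, so the pass entry should hold a value produced by `gitea generate secret JWT_SECRET`.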