From a141151d9e46be1619e80367a8c18abfcfba22f8 Mon Sep 17 00:00:00 2001
From: Marius Alwan Meyer <22202402+Sporqist@users.noreply.github.com>
Date: Sat, 11 Mar 2023 22:51:39 +0100
Subject: [PATCH] =?UTF-8?q?unterst=C3=BCtze=20security=20Konfiguration?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 templates/environment.env.j2 | 71 +++++++++++++++++++++++++++++++++++-
 1 file changed, 70 insertions(+), 1 deletion(-)

diff --git a/templates/environment.env.j2 b/templates/environment.env.j2
index 8ec4ca6..55a3538 100644
--- a/templates/environment.env.j2
+++ b/templates/environment.env.j2
@@ -154,4 +154,73 @@ GITEA__ssh.minimum_key_sizes__RSA={{ gitea_vars.ssh.minimum_key_sizes.rsa }}
 GITEA__ssh.minimum_key_sizes__DSA={{ gitea_vars.ssh.minimum_key_sizes.dsa }}
 {% endif %}
 {% endif %}
-{% endif %} {# /ssh #}
\ No newline at end of file
+{% endif %} {# /ssh #}
+
+{% if 'security' in gitea_vars %}
+{% if 'install_lock' in gitea_vars['security'] %}
+GITEA__security__INSTALL_LOCK={{ gitea_vars.security.install_lock }}
+{% endif %}
+{% if 'secret_key' in gitea_vars['security'] %}
+GITEA__security__SECRET_KEY={{ gitea_vars.security.secret_key }}
+{% endif %}
+{% if 'secret_key_uri' in gitea_vars['security'] %}
+GITEA__security__SECRET_KEY_URI={{ gitea_vars.security.secret_key_uri }}
+{% endif %}
+{% if 'login_remember_days' in gitea_vars['security'] %}
+GITEA__security__SECURITYIN_REMEMBER_DAYS={{ gitea_vars.security.login_remember_days }}
+{% endif %}
+{% if 'cookie_username' in gitea_vars['security'] %}
+GITEA__security__COOKIE_USERNAME={{ gitea_vars.security.cookie_username }}
+{% endif %}
+{% if 'reverse_proxy_authentication_user' in gitea_vars['security'] %}
+GITEA__security__REVERSE_PROXY_AUTHENTICATION_USER={{ gitea_vars.security.reverse_proxy_authentication_user }}
+{% endif %}
+{% if 'reverse_proxy_authentication_email' in gitea_vars['security'] %}
+GITEA__security__REVERSE_PROXY_AUTHENTICATION_EMAIL={{ gitea_vars.security.reverse_proxy_authentication_email }}
+{% endif %}
+{% if 'reverse_proxy_authentication_full_name' in gitea_vars['security'] %}
+GITEA__security__REVERSE_PROXY_AUTHENTICATION_FULL_NAME={{ gitea_vars.security.reverse_proxy_authentication_full_name }}
+{% endif %}
+{% if 'reverse_proxy_limit' in gitea_vars['security'] %}
+GITEA__security__REVERSE_PROXY_LIMIT={{ gitea_vars.security.reverse_proxy_limit }}
+{% endif %}
+{% if 'reverse_proxy_trusted_proxies' in gitea_vars['security'] %}
+GITEA__security__REVERSE_PROXY_TRUSTED_PROXIES={{ gitea_vars.security.reverse_proxy_trusted_proxies }}
+{% endif %}
+{% if 'disable_git_hooks' in gitea_vars['security'] %}
+GITEA__security__DISABLE_GIT_HOOKS={{ gitea_vars.security.disable_git_hooks }}
+{% endif %}
+{% if 'disable_webhooks' in gitea_vars['security'] %}
+GITEA__security__DISABLE_WEBHOOKS={{ gitea_vars.security.disable_webhooks }}
+{% endif %}
+{% if 'only_allow_push_if_gitea_environment_set' in gitea_vars['security'] %}
+GITEA__security__ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET={{ gitea_vars.security.only_allow_push_if_gitea_environment_set }}
+{% endif %}
+{% if 'import_local_paths' in gitea_vars['security'] %}
+GITEA__security__IMPORT_LOCAL_PATHS={{ gitea_vars.security.import_local_paths }}
+{% endif %}
+{% if 'internal_token' in gitea_vars['security'] %}
+GITEA__security__INTERNAL_TOKEN={{ gitea_vars.security.internal_token }}
+{% endif %}
+{% if 'internal_token_uri' in gitea_vars['security'] %}
+GITEA__security__INTERNAL_TOKEN_URI={{ gitea_vars.security.internal_token_uri }}
+{% endif %}
+{% if 'password_hash_algo' in gitea_vars['security'] %}
+GITEA__security__PASSWORD_HASH_ALGO={{ gitea_vars.security.password_hash_algo }}
+{% endif %}
+{% if 'csrf_cookie_http_only' in gitea_vars['security'] %}
+GITEA__security__CSRF_COOKIE_HTTP_ONLY={{ gitea_vars.security.csrf_cookie_http_only }}
+{% endif %}
+{% if 'min_password_length' in gitea_vars['security'] %}
+GITEA__security__MIN_PASSWORD_LENGTH={{ gitea_vars.security.min_password_length }}
+{% endif %}
+{% if 'password_complexity' in gitea_vars['security'] %}
+GITEA__security__ABC={{ gitea_vars.security.abc }}
+{% endif %}
+{% if 'password_check_pwn' in gitea_vars['security'] %}
+GITEA__security__PASSWORD_CHECK_PWN={{ gitea_vars.security.password_check_pwn }}
+{% endif %}
+{% if 'successful_tokens_cache_size' in gitea_vars['security'] %}
+GITEA__security__successful_TOKENS_CACHE_SIZE={{ gitea_vars.security.successful_tokens_cache_size }}
+{% endif %}
+{% endif %} {# /security #}