<?xml version='1.0' encoding='UTF-8'?>
<rougail version="0.10">
  <services>
    <service name="gitea" target="multi-user" engine="creole">
      <file engine="none" source="sysuser-gitea.conf">/sysusers.d/0gitea.conf</file>
      <file engine="none" source="tmpfile-gitea.conf">/tmpfiles.d/0gitea.conf</file>
      <file>/etc/gitea/app.ini</file>
      <file>/tests/gitea.yml</file>
    </service>
  </services>
  <variables>
    <family name="network">
      <variable name="incoming_ports" redefine="True">
        <value>2222</value>
      </variable>
    </family>
    <family name="redis" description="Redis">
      <variable name="redis_client_key_owner" redefine="True">
        <value>gitea</value>
      </variable>
    </family>
    <family name="gitea" description="Gitea" help="Git forge Gitea">
      <variable name="gitea_title" mandatory="True" description="Titre de la forge">
        <value>Gitea: Git avec une tasse de thé</value>
      </variable>
      <variable name="gitea_mail_sender" type="mail" description="Les courriels sont envoyés à partir de cet adresse" mandatory="True"/>
      <variable name="gitea_secret_key" type="password" hidden="True"/>
      <variable name="gitea_internal_token" type="password" hidden="True"/>
      <variable name="gitea_lfs_jwt_secret" type="password" hidden="True"/>
    </family>
    <family name="nginx">
      <family name="revprox_client">
        <variable name="revprox_client_local_location" redefine="True">
          <value>/</value>
        </variable>
      </family>
      <variable name="revprox_client_port" redefine="True">
        <value>3000</value>
      </variable>
      <variable name="revprox_client_cert_owner" redefine="True">
        <value>gitea</value>
      </variable>
      <variable name="revprox_client_cert_group" redefine="True">
        <value>gitea</value>
      </variable>
    </family>
    <family name="oauth2_client">
      <variable name="oauth2_is_client_application" redefine='True'>
        <value>True</value>
      </variable>
      <variable name="oauth2_client_name" redefine='True'>
        <value>Forge</value>
      </variable>
      <variable name="oauth2_client_description" redefine='True'>
        <value>Forge logiciel Gitea</value>
      </variable>
      <variable name="oauth2_client_category" redefine='True'>
        <value>Développement</value>
      </variable>
      <variable name="oauth2_client_logo" redefine='True'>
        <value>silique_note.png</value>
      </variable>
      <variable name="oauth2_client_token_signature_algo" redefine="True">
        <value>RS256</value>
      </variable>
      <family name="external">
        <variable name="oauth2_client_external" redefine="True" remove_fill="True"/>
      </family>
    </family>
  </variables>
  <constraints>
    <fill name="get_password">
      <param name="server_name" type="variable">domain_name_eth0</param>
      <param name="username">secret_key</param>
      <param name="description">gitea</param>
      <param name="type">cleartext</param>
      <param name="hide" type="variable">hide_secret</param>
      <param name="length" type="number">105</param>
      <target>gitea_secret_key</target>
    </fill>
    <fill name="get_password">
      <param name="server_name" type="variable">domain_name_eth0</param>
      <param name="username">internal_token</param>
      <param name="description">gitea</param>
      <param name="type">cleartext</param>
      <param name="hide" type="variable">hide_secret</param>
      <param name="length" type="number">105</param>
      <target>gitea_internal_token</target>
    </fill>
    <fill name="get_password">
      <param name="server_name" type="variable">domain_name_eth0</param>
      <param name="username">lfs_jwt_secret</param>
      <param name="description">gitea</param>
      <param name="type">cleartext</param>
      <param name="hide" type="variable">hide_secret</param>
      <param name="length" type="number">43</param>
      <target>gitea_lfs_jwt_secret</target>
    </fill>
    <fill name="calc_oauth2_client_login">
      <param type="variable" optional="True">revprox_client_external_domainnames</param>
      <param type="variable" optional="True">revprox_client_location</param>
      <param>user/oauth2/</param>
      <param type="variable">domain_name_eth0</param>
      <param>/callback</param>
      <target>oauth2_client_login</target>
    </fill>
    <fill name="calc_oauth2_client_external">
      <param type="variable">revprox_client_external_domainnames</param>
      <param type="variable">revprox_client_location</param>
      <param>user/oauth2/</param>
      <param type="variable">domain_name_eth0</param>
      <target>oauth2_client_external</target>
    </fill>
  </constraints>
</rougail>