From 17d4513b9724b3db64db81f704195ec9be13dad0 Mon Sep 17 00:00:00 2001
From: benjaoming <benjamin@overtag.dk>
Date: Mon, 31 May 2021 10:02:53 +0000
Subject: [PATCH] Add security and password policy customization

I need someone with a functional Docker setup to help test this :)

Tip from a new user that we are requiring stupid password stuff

https://www.bbc.com/news/technology-40875534
---
 roles/docker/tasks/services/gitea.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/docker/tasks/services/gitea.yml b/roles/docker/tasks/services/gitea.yml
index 77edbc9..88a1047 100644
--- a/roles/docker/tasks/services/gitea.yml
+++ b/roles/docker/tasks/services/gitea.yml
@@ -22,6 +22,8 @@
       VIRTUAL_PORT: "3000"
       LETSENCRYPT_HOST: "{{ gitea.domain }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
+      # Gitea customization, see: https://docs.gitea.io/en-us/install-with-docker/#customization
+      # https://docs.gitea.io/en-us/config-cheat-sheet/#security-security
       GITEA__mailer__ENABLED: "true"
       GITEA__mailer__FROM: "noreply@{{ gitea.domain }}"
       GITEA__mailer__MAILER_TYPE: "smtp"
@@ -29,3 +31,6 @@
       GITEA__mailer__USER: "noop"
       GITEA__mailer__PASSWD: "noop"
       GITEA__security__LOGIN_REMEMBER_DAYS: "60"
+      GITEA__security__PASSWORD_COMPLEXITY: "off"
+      GITEA__security__MIN_PASSWORD_LENGTH: "8"
+      GITEA__security__PASSWORD_CHECK_PWN: "true"