# Managed by salt
{%- import_yaml 'gitea/app_defaults.yaml' as defaults %}
{%- set secrets = salt.file.read(pillar['gitea']['path'] + '/etc/secrets.json') | load_json %}
{%- set pillar_global = salt.pillar.get('gitea:config:global', {}) %}
{%- set pillar_sections = salt.pillar.get('gitea:config:sections', {}) %}

{%- for key in defaults['global'].keys() %}
{%-   if key in pillar_global %}
{{ key }} = {{ pillar_global[key] }}
{%-   else %}
{{ key }} = {{ defaults['global'][key] }}
{%-   endif %}
{%- endfor %}
{%- for key, val in pillar_global.items() %}
{%-   if key not in defaults['global'] %}
{{ key }} = {{ val }}
{%-   endif %}
{%- endfor %}

[security]
INTERNAL_TOKEN = {{ secrets['INTERNAL_TOKEN'] }}
INSTALL_LOCK = true
SECRET_KEY = {{ secrets['SECRET_KEY'] }}

{%- for section in defaults['sections'].keys() %}

[{{ section }}]
{%-   if section == 'server' %}
LFS_JWT_SECRET = {{ secrets['LFS_JWT_SECRET'] }}
{%-   elif section == 'database' %}
NAME = {{ pillar_sections['database']['NAME'] }}
USER = {{ pillar_sections['database']['USER'] }}
PASSWD = `{{ pillar_sections['database']['PASSWD'] }}`
{%-   endif %}
{%-   for key in defaults['sections'][section] %}
{%-     if section in pillar_sections and key in pillar_sections[section] %}
{{ key }} = {{pillar_sections[section][key]}}
{%-     else %}
{{ key }} = {{defaults['sections'][section][key]}}
{%-     endif %}
{%-   endfor %}
{%- endfor %}

[oauth2]
JWT_SECRET = {{ pillar_sections['oauth2']['JWT_SECRET'] }}