resource "kubernetes_secret_v1" "gitea_inline_config" {
  metadata {
    name      = "gitea-inline-config"
    namespace = var.namespace
    labels    = local.common-labels
  }

  data = {
    "_generals_" = ""
    metrics      = "ENABLED=true"
    security     = "INSTALL_LOCK=true"
    service      =  "DISABLE_REGISTRATION=${var.disable-registration}"
    cache        = <<-EOF
ADAPTER=redis
ENABLED=true
HOST=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
    EOF
    queue = <<-EOF
CONN_STR=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
TYPE=redis
    EOF
    session = <<-EOF
PROVIDER=redis
PROVIDER_CONFIG=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
    EOF
    indexer = <<-EOF
ISSUE_INDEXER_TYPE=bleve
REPO_INDEXER_ENABLED=true
    EOF
    database = <<-EOF
DB_TYPE=postgres
HOST=${var.instance}-${var.component}-pg-rw.${var.namespace}.svc:5432
NAME=${var.component}
PASSWD=${data.kubernetes_secret_v1.postgresql_password.data["password"]}
USER=${data.kubernetes_secret_v1.postgresql_password.data["username"]}
    EOF
    repository = <<-EOF
DEFAULT_BRANCH=${var.default-branch}
DEFAULT_PUSH_CREATE_PRIVATE=${var.push-create.private}
ENABLE_PUSH_CREATE_ORG=${var.push-create.org}
ENABLE_PUSH_CREATE_USER=${var.push-create.user}
ROOT=/data/git/gitea-repositories
    EOF
    server = <<-EOF
APP_DATA_PATH=/data
DOMAIN=${var.sub-domain}.${var.domain_name}
ENABLE_PPROF=false
HTTP_PORT=3000
PROTOCOL=http
ROOT_URL=https://${var.sub-domain}.${var.domain_name}
SSH_DOMAIN=${var.sub-domain}.${var.domain_name}
SSH_LISTEN_PORT=2222
SSH_PORT=${var.ssh-port}
SSH_DOMAIN=${var.ssh-sub-domain}.${var.domain_name}
START_SSH_SERVER=true
    EOF
    ui = <<-EOF
DEFAULT_THEME=${var.theme}
SHOW_USER_EMAIL=false
THEMES=auto,gitea,arc-green,edge-auto,edge-dark,edge-light,everforest-auto,everforest-dark,everforest-light,gitea-modern,gruvbox-auto,gruvbox-dark,gruvbox-light,gruvbox-material-auto,gruvbox-material-dark,gruvbox-material-light,palenight,soft-era,sonokai-andromeda,sonokai-atlantis,sonokai-espresso,sonokai-maia,sonokai-shusia,sonokai,theme-nord
    EOF
    webhook = <<-EOF
ALLOWED_HOST_LIST=${var.webhook.allowed-hosts}
SKIP_TLS_VERIFY=${var.webhook.skip-tls-verify}
    EOF
    openid = <<-EOF
ENABLE_OPENID_SIGNIN=true
ENABLE_OPENID_SIGNUP=true
    EOF
    oauth2_client = <<-EOF
REGISTER_EMAIL_CONFIRM=false
ENABLE_AUTO_REGISTRATION=true
ACCOUNT_LINKING=auto
OPENID_CONNECT_SCOPES=openid email profile
    EOF
  }
}