From b54dca7f42377ab0fc65c7eb127d370c61c901cd Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Wed, 28 Jul 2021 18:42:57 +0200
Subject: [PATCH] Add some session defaults.

---
 defaults/main.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 6aa7402..d185877 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -143,6 +143,9 @@ gitea_app_configurations:
   - { section: 'log.sublogger.access', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/access.log', state: 'present' }
   - { section: 'log.sublogger.xorm', option: 'FILE_NAME', value: '{{ gitea_log_dir }}/xorm.log', state: 'present' }
   - { section: 'database', option: 'LOG_SQL', value: 'false', state: 'present' }
+  - { section: 'security', option: 'CSRF_COOKIE_HTTP_ONLY', value: 'true', state: 'present'}
+  - { section: 'session', option: 'SAME_SITE', value: 'lax', state: 'present'}
+  - { section: 'session', option: 'COOKIE_SECURE', value: 'false', state: 'present'}
 #  - { section: 'mailer', option: 'ENABLED', value: 'true', state: 'present' }
 #  - { section: 'mailer', option: 'FROM', value: '{{ gitea_mail_from }}', state: 'present' }
 #  - { section: 'mailer', option: 'MAILER_TYPE', value: '{{ gitea_mailer_type }}', state: 'present' }