From 24993a45c7b8ada41e32559fae9ee899d37aba37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Tue, 16 Aug 2022 16:39:53 +0200
Subject: [PATCH] jwt: let Geth generate secret by itself
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Using `password_hash` doesn't work as the value has to be hex encoded.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 defaults/main.yml  | 2 +-
 tasks/generate.yml | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index dd3600c..f684a15 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -55,7 +55,7 @@ geth_authrpc_enabled: true
 geth_authrpc_addr: '127.0.0.1'
 geth_authrpc_port: 8551
 geth_authrpc_vhosts: '{{ geth_rpc_vhosts }}'
-geth_authrpc_jwtsecret: '{{ geth_service_name | password_hash("sha512", (inventory_hostname|hash("sha1"))[0:16], rounds=5000) }}'
+#geth_authrpc_jwtsecret: '0x64charHexEncodedSecretToken'
 geth_authrpc_jwtsecret_file: '{{ geth_cont_vol }}/keys/jwtsecret'
 
 # Sync mode: full, fast, light, snap
diff --git a/tasks/generate.yml b/tasks/generate.yml
index 0d19e3f..01b5e11 100644
--- a/tasks/generate.yml
+++ b/tasks/generate.yml
@@ -103,6 +103,7 @@
     group: 'docker'
 
 - name: Geth | Create JWT secret file
+  when: geth_authrpc_jwtsecret is defined
   copy:
     dest: '{{ geth_authrpc_jwtsecret_file }}'
     content: '{{ geth_authrpc_jwtsecret | mandatory }}'