I have set up a gitea instance using docker-rootless, and I can see in the config that SECRET_KEY is empty. I thought it would have been generated automatically. Is it OK to be empty? What does it actually encrypt, and is encryption on by default?
Does it mean the secret key is not used if app.ini shows an empty string? Is this a valid use case, or do I always have to set it to something?
Same question about INTERNAL_TOKEN. This field has a value. Do I need to save this somewhere? If I delete the config file (which is mounted to the docker container) and restart the docker image, will I lose this token? Where is the token used (e.g. what should I expect not to work if this token is lost)?