forgejo working

02_vps_core_services_setup.md

@@ -102,3 +102,24 @@ Vaultwarden is a credentials manager.
 * Stop Vaultwarden.
 * Overwrite the data folder with one of the backups.
 * Start it up again.
+
+## Forgejo
+
+Forgejo is a git server.
+
+### Deploy
+
+* Decide what subdomain you want to serve Forgejo on and add it to `services/forgejo/forgejo_vars.yml` on the `forgejo_subdomain`.
+    * Note that you will have to add a DNS entry to point to the VPS public IP.
+* Run the deployment playbook: `ansible-playbook -i inventory.ini services/forgejo/deploy_forgejo_playbook.yml`.
+
+### Configure
+
+* Forgejo will be available for you to create a user on first start. Do that and store the creds safely.
+* Default behaviour after that is not allow for registrations.
+* You can tweak more settings from that point on.
+* SSH cloning should work out of the box (after you've set up your SSH pub key in Forgejo, that is).
+
+### Backups
+
+No explicit backups. It's assumed that important repos will be in Lapy, and that perhaps you might even backup lapy as well.

ansible/services/forgejo/deploy_forgejo_playbook.yml

@@ -1,6 +1,9 @@
 - name: Install Forgejo on Debian 12 with Caddy reverse proxy
   hosts: vipy
   become: yes
+  vars_files:
+    - ../../infra_vars.yml
+    - ./forgejo_vars.yml
   vars:
     forgejo_domain: "{{ forgejo_subdomain }}.{{ root_domain }}"
 
@@ -48,10 +51,22 @@
       file:
         path: "{{ forgejo_config_dir }}"
         state: directory
-        owner: "root"
+        owner: "{{ forgejo_user }}"
         group: "{{ forgejo_user }}"
         mode: '0770'
 
+    - name: Create Forgejo config file
+      ansible.builtin.copy:
+        dest: "{{ forgejo_config_dir }}/app.ini"
+        content: |
+          APP_NAME = ; Countergit
+
+          [server]
+          HTTP_PORT = {{ forgejo_port }}
+        owner: "{{ forgejo_user }}"
+        group: "{{ forgejo_user }}"
+        mode: '0644'
+  
     - name: Download Forgejo systemd service file
       get_url:
         url: "{{ forgejo_service_url }}"
@@ -68,21 +83,12 @@
         enabled: yes
         state: started
 
-    - name: Add Caddy reverse proxy config for Forgejo
-      copy:
-        dest: "{{ caddy_config_path }}"
-        mode: '0644'
-        content: |
-          {{ caddy_site_domain }} {
-              reverse_proxy localhost:3000
-          }
-
-    - name: Create Caddy reverse proxy configuration for uptime kuma
+    - name: Create Caddy reverse proxy configuration for forgejo
       copy:
         dest: "{{ caddy_sites_dir }}/forgejo.conf"
         content: |
-          {{ uptime_kuma_domain }} {
-              reverse_proxy localhost:{{ uptime_kuma_port }}
+          {{ forgejo_domain }} {
+              reverse_proxy localhost:{{ forgejo_port }}
           }
         owner: root
         group: root

ansible/services/forgejo/forgejo_vars.yml

@@ -17,7 +17,3 @@ forgejo_subdomain: forgejo
 remote_host: "{{ groups['vipy'][0] }}"
 remote_user: "{{ hostvars[remote_host]['ansible_user'] }}"
 remote_key_file: "{{ hostvars[remote_host]['ansible_ssh_private_key_file'] | default('') }}"
-
-# Local backup
-local_backup_dir: "{{ lookup('env', 'HOME') }}/forgejo-backups"
-backup_script_path: "{{ lookup('env', 'HOME') }}/.local/bin/forgejo_backup.sh"