
Forge: Forgejo (Git hosting, actions, etc)

shinyspace runs a Forgejo instance. This is so we can easily work together with people who are used to e.g. GitHub workflows.

Forgejo has a dedicated VM: forgejo1 
Forgejo now runs in a rootless podman container on brix4, making many things easier: no hard RAM or storage limits, for example. If needed, it can use the entire server (unless other containers need resources too).

On it, there's a user "shinypod" that has podman permissions (subid/subgid stuff) and is configured to run Podman on (2024) Arch Linux instead of Debian 11 (because Debian's podman version was quite old and didn't support some features needed for rootless) without root, meaning /etc/containers/containers.conf had to be adjusted to use cgroupfs.

The Forgejo pod was created with this compose.yml file:

version: '3'

networks:
  forgejo:
    external: false

services:
  forgejo:
    image: codeberg.org/forgejo/forgejo:8-rootless
    container_name: forgejo
    user: "1000:1000" # Adjust this to match your host UID:GID
    environment:
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__database__HOST=db:5432
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=forgejo
      - FORGEJO__database__PASSWD=Wt8ooyMTMyD4wSz47I
    restart: always
    networks:
      - forgejo
    volumes:
      - ./forgejo_data:/var/lib/gitea
      - ./forgejo_config:/etc/gitea
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222" # Note: Changed from 222 to 2222 for rootless container
    depends_on:
      - db
    userns_mode: "keep-id"

  db:
    image: postgres:14
    container_name: forgejo_db
    restart: always
    environment:
      - POSTGRES_USER=forgejo
      - POSTGRES_PASSWORD=Wt8ooyMTMyD4wSz47I
      - POSTGRES_DB=forgejo
    networks:
      - forgejo
    volumes:
      - ./postgres_data:/var/lib/postgresql/data
    userns_mode: "keep-id"

x-podman:
  in_pod: false

which, if run on a new system, should create the latest version of Forgejo 7 (such as 7.4). Persistent data is in the ./forgejo directory, that's why it is mounted.

Updates should be easy and smooth on Forgejo 7. Updating to 8 is likely going to require manual intervention.
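
An added check, not part of the original page or of the Forgejo project: a stdlib-only Python sketch that scans a compose file written in the list style used above for host ports below 1024, which rootless podman cannot bind by default (compare the file's note about moving from 222 to 2222), and for passwords written inline under `environment:`. The function name `audit_compose`, the key-name patterns and the sample text are assumptions made for this example; the sample is constructed.

```python
import re

# Rootless podman cannot bind host ports below this by default (ip_unprivileged_port_start).
UNPRIVILEGED_PORT_START = 1024
# Assumption: environment keys ending like this hold credentials.
SECRET_KEY = re.compile(r"(PASSWD|PASSWORD|SECRET|TOKEN)$", re.I)
KEY_LINE = re.compile(r"^\s*([A-Za-z_][\w-]*):\s*(.*)$")
ENV_ITEM = re.compile(r"^\s*-\s*(\w+)=(.*?)\s*$")
PORT_ITEM = re.compile(r'^\s*-\s*"?(?:[\d.]+:)?(\d+):\d+(?:/\w+)?"?\s*(?:#.*)?$')

# Constructed sample, not the page's file.
SAMPLE = """\
services:
  forgejo:
    environment:
      - FORGEJO__database__PASSWD=example-not-a-real-password
      - FORGEJO__database__USER=forgejo
    ports:
      - "3000:3000"
      - "222:22"
  db:
    environment:
      - POSTGRES_PASSWORD=${DB_PASSWORD}
"""


def audit_compose(text):
    """Return (line_number, finding) pairs for a compose file's text."""
    findings, section = [], None
    for number, line in enumerate(text.splitlines(), start=1):
        key = KEY_LINE.match(line)
        if key:  # "name:" opens a block, "name: value" closes the current one
            section = key.group(1) if not key.group(2) else None
            continue
        if section == "environment":
            item = ENV_ITEM.match(line)
            # "${VAR}" values are interpolated by compose, not stored in the file
            if item and SECRET_KEY.search(item.group(1)) and not item.group(2).startswith("${"):
                findings.append((number, f"inline secret in {item.group(1)}"))
        elif section == "ports":
            item = PORT_ITEM.match(line)
            if item and int(item.group(1)) < UNPRIVILEGED_PORT_START:
                findings.append((number, f"host port {item.group(1)} is privileged"))
    return findings


if __name__ == "__main__":
    for number, finding in audit_compose(SAMPLE):
        print(f"line {number}: {finding}")
```

Only the `- KEY=value` list form of `environment:` is recognised; mapping-style entries (`KEY: value`) are not inspected.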

Attention: podman won't restart containers by default. I made the following systemd unit in this case:


.config/systemd/user/compose-forgejo.service 

[Unit]
Description=Podman Compose MyService
Wants=network-online.target
After=network-online.target

[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=%h/forgejo
ExecStart=/usr/bin/podman-compose up -d
ExecStop=/usr/bin/podman-compose down

[Install]
WantedBy=default.target

The Type and RemainAfterExit lines are what keeps the container up.

A Forgejo runner was set up for the shiny.space organisation, so any repos belonging to it can use the runner. It runs on a dedicated VM, runner1, with Docker (as the required container sockets come with Docker per default, but require extra setup on podman).

It was created (after installing dependencies such as Docker) with the command

./forgejo-runner register --no-interactive --token <TOKEN> --name runner --instance https://forge.shiny.space --labels docker:docker://node:16-bullseye,self-hosted

and started as a systemd service running /root/forgejo-runner daemon