User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
services:forgejo [2025/03/13 14:41] – [Forgejo] willyservices:forgejo [2025/12/02 14:01] (current) willy
Line 44: Line 44:
  
 [server] [server]
-ROOT_URL = https://home.mydomain.com/forgejo/+ROOT_URL = https://git.mydomain.com/
 HTTP_ADDR = 127.0.0.1 HTTP_ADDR = 127.0.0.1
 HTTP_PORT = 3001 HTTP_PORT = 3001
Line 93: Line 93:
 And setup NGINX reverse proxy by creating **forgejo.conf**: And setup NGINX reverse proxy by creating **forgejo.conf**:
 <file forgejo.conf> <file forgejo.conf>
-  location /forgejo/ {+server { 
 +        server_name git.mydomain.com; 
 +        listen 443 ssl; 
 +        listen 8443 ssl; 
 +        http2 on; 
         client_max_body_size 512M;         client_max_body_size 512M;
  
-        # make nginx use unescaped URI, keep "%2F" as is +        access_log /var/log/nginx/git.mydomain.com_access_log main
-        rewrite ^ $request_uri; +        error_log /var/log/nginx/git.mydomain.com_error_log info;
-        rewrite ^/forgejo(/.*) $1 break+
-        proxy_pass http://127.0.0.1:3001$uri;+
  
-        proxy_set_header Connection $http_connection+        location / { # The trailing / is important! 
-        proxy_set_header Upgrade $http_upgrade+                proxy_pass        http://127.0.0.1:3001/# The / is important! 
-        proxy_set_header Host $host+                proxy_set_header  X-Script-Name /
-        proxy_set_header X-Real-IP $remote_addr; +                proxy_set_header  Host $http_host
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +                proxy_http_version 1.1; 
-        proxy_set_header X-Forwarded-Proto $scheme; +                proxy_buffering off; 
-        proxy_set_header X-WEBAUTH-USER $remote_user; +                proxy_set_header Connection "upgrade"; 
-        proxy_set_header Authorization ""; +                proxy_set_header X-Real-IP $remote_addr; 
-    }+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
 +                # The following lines for propagating Proxy Auth (comment if you don't use it): 
 +                proxy_set_header X-WEBAUTH-USER $remote_user; 
 +                proxy_set_header Authorization ""; 
 +        } 
 + 
 +        include com.mydomain/certbot.conf; 
 +}
 </file> </file>
 (refer to [[selfhost:nginx|The Reverse Proxy concept]] for more details on this) (refer to [[selfhost:nginx|The Reverse Proxy concept]] for more details on this)
Line 115: Line 125:
 Now your remote URLs are in the following format: Now your remote URLs are in the following format:
 <code> <code>
- For SSH urls: ssh://git@home.mydomain.com:ssh_port/user/repo.git+ For SSH urls: ssh://git@git.mydomain.com:ssh_port/user/repo.git
 </code> </code>
 +
 +Note, while you can use a subpath instead of a subdomain, going that route will leave you with inconsistent SSH/HTTPS GIT URLs as the web URL will contain the subpath while the SSH command cannot understand it.
 +
  
 == Using Reverse Proxy authentication === == Using Reverse Proxy authentication ===