8 KiB
Executable file
8 KiB
Executable file
Forgejo
- links
- Forgejo Basic Info
- Forgejo Organizations Overview
- Forgejo on Raspberry Pi
- Git Repository Management
- How to Check Repository Access for a User via Token
links
Forgejo Basic Info
Instance Details
| Property | Value |
|---|---|
| URL | https://forgejo.ronnyabraham.com |
| SSH Server Port | 222 |
| Web Server Port | 3000 |
| Repository Root Path | /data/git/repositories |
| Docker User | git |
Users
| Role | Username | Password | |
|---|---|---|---|
| Admin | git-admin | 2reishit2ara | ronny.abraham@ymail.com |
| Developer | ronnygit | 2reishit2ara | ronny.coder@gmail.com |
| notes admin | scribe | 2reishit2ara | scribe@ronnyabraham.com |
| website user | website-ronny | 2reishit2ara | website@ronnyabraham.com |
token access
Forgejo Organizations Overview
This section documents the Forgejo organizations, their repositories, and associated Git origin URLs.
organizations
| Organization | url base |
|---|---|
| default (none) | |
| django-repositories | ssh://git@forgejo.ronnyabraham.com:222/django-repositories |
| notes | ssh://git@forgejo.ronnyabraham.com:222/notes |
repositories
| Organization | Repository | description |
|---|---|---|
| django-repositories | savage-lands.git | |
| notes | home-network |
Forgejo on Raspberry Pi
Data Drive & Volumes
Physical Storage & Mount Info️
| Property | Value |
|---|---|
| Physical Mount | /mnt/git |
| Logical Bind Mount | /srv/git |
| Device | /dev/sdb1 |
| Filesystem Type | ext4 |
| Label | gitdisk |
| UUID | 649f82e9-cfc0-4725-b260-d40f413bd0c3 |
| Used for | Forgejo repository storage |
fstab Entries
UUID=649f82e9-cfc0-4725-b260-d40f413bd0c3 /mnt/git ext4 defaults,noatime 0 2
/mnt/git /srv/git none bind 0 0Mapping
To separate application configuration from repository data, the Forgejo Docker container uses specific internal paths. We map our host directories accordingly for clarity and ease of maintenance.
Folder Layout
/mnt/storage/compose/docker/forgejo ← holds docker-compose.yml /srv/git/ ├── data/ ← holds all persistent repo data (repositories, issues, uploads) └── config/ ← holds configuration files (e.g. app.ini)
This split layout allows easy backup, inspection, and version control of the Forgejo configuration without interfering with large and changing repository data.
Volume Mapping
| Host path | Container path | Purpose |
|---|---|---|
| /srv/git/data | /data/data | Git repos, issues, uploads |
| /srv/git/config | /data/gitea/conf | app.ini, server configuration |
Make sure both folders on the host (`/srv/git/data` and `/srv/git/config`) are owned by the correct user (e.g. UID 1000), and match the container’s expectations.
File Setup
| Component | Path | Purpose |
|---|---|---|
| Nginx | /etc/nginx/sites-available/forgejo | reverse proxy for Forgejo |
| Docker | /mnt/storage/docker/compose/forgejo | docker compose file |
Docker Setup
Nginx
Site Configuration
Enable Site & Restart
sudo ln -s /etc/nginx/sites-available/forgejo /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginxEnable HTTPS with Certbot
sudo certbot --nginx -d git.ronnyabraham.comFirst-Time Setup
- Visit: https://forgejo.ronnyabraham.com
- Create the `git-admin` user and initialize your first repository.
Git Repository Management
Push an Existing Local Repo to Forgejo
cd ~/your-local-project
git remote add origin ssh://git@forgejo.ronnyabraham.com:222/ronny/<repo-name>.git
git push -u origin mainMirror from Bitbucket to Forgejo
git clone --mirror git@bitbucket.org:your-username/your-repo.git
cd your-repo.git
git remote set-url --push origin ssh://git@forgejo.ronnyabraham.com:222/ronny/your-repo.git
git push --mirror
cd ..
rm -rf your-repo.gitExample: Uploading savage-lands Repo
Repository Info
- Repo Name: savage-lands
- Owner: ronnygit
- Remote: ssh://git@forgejo.ronnyabraham.com:222/ronnygit/savage-lands.git
Commands
git remote remove origin # if already exists
git remote add origin ssh://git@forgejo.ronnyabraham.com:222/ronnygit/savage-lands.git
git push -u origin mainHow to Check Repository Access for a User via Token
To verify whether a Forgejo user (e.g. `ronnygit`) has access to a specific repository, you can use a Personal Access Token (PAT) to query the Forgejo API. This helps confirm push/pull permissions and identify missing access rights.
Step-by-Step: Create a Personal Access Token
- Log in to Forgejo as the user: `ronnygit`
- Go to: https://forgejo.ronnyabraham.com/user/settings/applications
- Click "Generate New Token"
- Name it: api-debug
-
Enable these scopes:
- repository - read/write access to repositories
- organization - access to organization/team membership
- user - user info access
- issue - access to issues API
- (Do not enable package or activitypub unless needed)
- Click "Generate" and save the token immediately
Use the Token to Query Repository Access
Example command to check access to the `project` repository under `django-repositories`:
curl -H "Authorization: token edea73cc91dbae359d89eb0e644ef2c97f3aedf0" \
https://forgejo.ronnyabraham.com/api/v1/repos/django-repositories/projectExpected output:
"permissions": {
"admin": false,
"push": true,
"pull": true
}
HTTP error meanings:
- 404 - repository does not exist or is private with no access
- 403 - repository exists, but you do not have permission
- 401 - token is invalid or expired
Token Details
Scope Overview
| Scope | Required | Purpose |
|---|---|---|
| repository | Yes | Access to repository APIs (push, pull, branches, etc.) |
| organization | Yes | View team and organization membership |
| user | Optional | View user info and preferences |
| issue | Optional | Access issues (create, read, update, comment) |
| package | No | Access to package registry (e.g., Docker, npm, PyPI) |
| activitypub | No | Enable federation features (e.g., Mastodon integration) |