Forgejo/docker-compose.yml

version: '3.8'

services:
  forgejo:
    image: codeberg.org/forgejo/forgejo:7
    container_name: forgejo
    restart: unless-stopped
    environment:
      - USER_UID=1000
      - USER_GID=1000

      # DB
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__database__HOST=forgejo-db:5432
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=forgejo
      - FORGEJO__database__PASSWD=forgejo_password
      - FORGEJO__service__DISABLE_REGISTRATION=true

      # 🔐 LFS + JWT (needed for LFS auth)
      - FORGEJO__server__LFS_START_SERVER=true
      - FORGEJO__server__LFS_CONTENT_PATH=/data/lfs
      # Generate some long random string here:
      - FORGEJO__security__JWT_SECRET=change_me_to_a_long_random_string

      # Optional: allow larger uploads through web UI (not LFS, just normal uploads)
      - FORGEJO__repository__UPLOAD__ENABLED=true
      - FORGEJO__repository__UPLOAD__FILE_MAX_SIZE=512  # MB, for normal uploads
      # ✅ Correct external URL (very important for clone URLs, webhooks, etc.)
      - FORGEJO__server__ROOT_URL=https://forgejo.rozic-dev.com/
      # ✅ LFS: use [lfs] PATH instead of deprecated LFS_CONTENT_PATH
      - FORGEJO__server__LFS_START_SERVER=true
      - FORGEJO__lfs__PATH=/data/lfs
    volumes:
      - ./forgejo/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    networks:
      - traefik_default
      - forgejo-internal
    depends_on:
      - forgejo-db
    labels:
      - "traefik.enable=true"

     # HTTP → HTTPS redirect
      - "traefik.http.routers.forgejo.entrypoints=web"
      - "traefik.http.routers.forgejo.rule=Host(`forgejo.rozic-dev.com`)"
      - "traefik.http.middlewares.forgejo-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.forgejo.middlewares=forgejo-https-redirect"

      # Secure HTTPS Router
      - "traefik.http.routers.forgejo-secure.entrypoints=websecure"
      - "traefik.http.routers.forgejo-secure.rule=Host(`forgejo.rozic-dev.com`)"
      - "traefik.http.routers.forgejo-secure.tls=true"
      - "traefik.http.routers.forgejo-secure.tls.certresolver=letsencrypt"
      # Service
      - "traefik.http.routers.forgejo-secure.service=forgejo"
      - "traefik.http.services.forgejo.loadbalancer.server.port=3000"
      - "traefik.docker.network=traefik_default"

  forgejo-db:
    image: postgres:15-alpine
    container_name: forgejo-db
    restart: unless-stopped
    environment:
      - POSTGRES_USER=forgejo
      - POSTGRES_PASSWORD=forgejo_password
      - POSTGRES_DB=forgejo
    volumes:
      - ./forgejo/postgres:/var/lib/postgresql/data
    networks:
      - forgejo-internal

networks:
  traefik_default:
    external: true
  forgejo-internal:
    driver: bridge
added docker compose file 2025-11-25 06:38:27 +00:00			`version: '3.8'`

			`services:`
			`forgejo:`
			`image: codeberg.org/forgejo/forgejo:7`
			`container_name: forgejo`
			`restart: unless-stopped`
			`environment:`
			`- USER_UID=1000`
			`- USER_GID=1000`

			`# DB`
			`- FORGEJO__database__DB_TYPE=postgres`
			`- FORGEJO__database__HOST=forgejo-db:5432`
			`- FORGEJO__database__NAME=forgejo`
			`- FORGEJO__database__USER=forgejo`
			`- FORGEJO__database__PASSWD=forgejo_password`
			`- FORGEJO__service__DISABLE_REGISTRATION=true`

			`# 🔐 LFS + JWT (needed for LFS auth)`
			`- FORGEJO__server__LFS_START_SERVER=true`
			`- FORGEJO__server__LFS_CONTENT_PATH=/data/lfs`
			`# Generate some long random string here:`
			`- FORGEJO__security__JWT_SECRET=change_me_to_a_long_random_string`

			`# Optional: allow larger uploads through web UI (not LFS, just normal uploads)`
			`- FORGEJO__repository__UPLOAD__ENABLED=true`
			`- FORGEJO__repository__UPLOAD__FILE_MAX_SIZE=512 # MB, for normal uploads`
			`# ✅ Correct external URL (very important for clone URLs, webhooks, etc.)`
			`- FORGEJO__server__ROOT_URL=https://forgejo.rozic-dev.com/`
			`# ✅ LFS: use [lfs] PATH instead of deprecated LFS_CONTENT_PATH`
			`- FORGEJO__server__LFS_START_SERVER=true`
			`- FORGEJO__lfs__PATH=/data/lfs`
			`volumes:`
			`- ./forgejo/data:/data`
			`- /etc/timezone:/etc/timezone:ro`
			`- /etc/localtime:/etc/localtime:ro`
			`networks:`
			`- traefik_default`
			`- forgejo-internal`
			`depends_on:`
			`- forgejo-db`
			`labels:`
			`- "traefik.enable=true"`

			`# HTTP → HTTPS redirect`
			`- "traefik.http.routers.forgejo.entrypoints=web"`
			- "traefik.http.routers.forgejo.rule=Host(`forgejo.rozic-dev.com`)"
			`- "traefik.http.middlewares.forgejo-https-redirect.redirectscheme.scheme=https"`
			`- "traefik.http.routers.forgejo.middlewares=forgejo-https-redirect"`

			`# Secure HTTPS Router`
			`- "traefik.http.routers.forgejo-secure.entrypoints=websecure"`
			- "traefik.http.routers.forgejo-secure.rule=Host(`forgejo.rozic-dev.com`)"
			`- "traefik.http.routers.forgejo-secure.tls=true"`
			`- "traefik.http.routers.forgejo-secure.tls.certresolver=letsencrypt"`
			`# Service`
			`- "traefik.http.routers.forgejo-secure.service=forgejo"`
			`- "traefik.http.services.forgejo.loadbalancer.server.port=3000"`
			`- "traefik.docker.network=traefik_default"`

			`forgejo-db:`
			`image: postgres:15-alpine`
			`container_name: forgejo-db`
			`restart: unless-stopped`
			`environment:`
			`- POSTGRES_USER=forgejo`
			`- POSTGRES_PASSWORD=forgejo_password`
			`- POSTGRES_DB=forgejo`
			`volumes:`
			`- ./forgejo/postgres:/var/lib/postgresql/data`
			`networks:`
			`- forgejo-internal`

			`networks:`
			`traefik_default:`
			`external: true`
			`forgejo-internal:`
			`driver: bridge`