diff --git a/proxy/nginx/conf.d/forgejo.conf b/proxy/nginx/conf.d/forgejo.conf new file mode 100644 index 0000000..c7e523e --- /dev/null +++ b/proxy/nginx/conf.d/forgejo.conf @@ -0,0 +1,32 @@ +# HTTP configuration +# -- Redirect all HTTP requests to HTTPS port +server { + listen 80; # HTTP port + server_name forgejo.systemsobscure.net; + location / { + return 301 https://$host$request_uri; # Variable is a placeholder for all requests to the server name + } +} + +# HTTPS configuration + +server { + listen 443 ssl; + server_name forgejo.systemsobscure.net; + + # SSL configuration + ssl_certificate /etc/letsencrypt/live/systemsobscure.net/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/systemsobscure.net/privkey.pem; + + # Security headers + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + # Proxy Configuration + location / { + proxy_pass http://linkding:3000; # Docker network address + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} diff --git a/services/forgejo/docker-compose.yml b/services/forgejo/docker-compose.yml new file mode 100644 index 0000000..4784b31 --- /dev/null +++ b/services/forgejo/docker-compose.yml @@ -0,0 +1,36 @@ +services: + server: + image: codeberg.org/forgejo/forgejo:10 + container_name: forgejo + environment: + - USER_UID=1000 + - USER_GID=1000 + restart: always + networks: + - forgejo + volumes: + - ./forgejo:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "8002:3000" + - "222:22" + depends_on: + - db + + db: + image: mysql:8 + restart: always + environment: + - MYSQL_ROOT_PASSWORD=${FORGEJO_MYSQL_ROOT_PASSWORD} + - MYSQL_USER=forgejo + - MYSQL_PASSWORD=${FORGEJO_MYSQL_PASSWORD} + - MYSQL_DATABASE=forgejo + networks: + - forgejo + volumes: + - ./mysql:/var/lib/mysql + +networks: + forgejo: + external: false