Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' into sutty

Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' of ssh://git.coopcloud.tech:2222/coop-cloud/forgejo into renovate/codeberg.org-forgejo-forgejo-14.x
chore(deps): update codeberg.org/forgejo/forgejo docker tag to v14
2026-01-17 20:51:49 -03:00 · 2026-01-17 20:51:36 -03:00 · 2026-01-17 07:25:46 +00:00 · 2026-01-16 15:52:47 -03:00 · 2026-01-16 15:52:38 -03:00 · 2026-01-16 15:52:19 -03:00
8 changed files with 65 additions and 9 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1,6 +1,6 @@
-TYPE=gitea
+TYPE=forgejo

-DOMAIN=gitea.example.com
+DOMAIN=forgejo.example.com
 LETS_ENCRYPT_ENV=production
 COMPOSE_FILE="compose.yml"
 ENABLE_BACKUPS=true
@ -8,12 +8,14 @@ COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
 # COMPOSE_FILE="$COMPOSE_FILE:compose.sqlite3.yml"
 # COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"

-# Enable to use forgejo instead of gitea
-# COMPOSE_FILE="$COMPOSE_FILE:compose.forgejo.yml"
-# SECRET_LFS_JWT_SECRET_VERSION=v1 # length=43
+SECRET_LFS_JWT_SECRET_VERSION=v1 # length=43

-GITEA_DOMAIN=git.example.com
+# Anubis
+# COMPOSE_FILE="$COMPOSE_FILE:compose.anubis.yml"
+
+GITEA_DOMAIN="${DOMAIN}"
 GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION=true
+GITEA_ALLOW_ONLY_INTERNAL_REGISTRATION=false
 GITEA_APP_NAME="Git with solidaritea"
 GITEA_AUTO_WATCH_NEW_REPOS=false
 GITEA_DISABLE_REGISTRATION=false
@ -35,6 +37,7 @@ GITEA_REQUIRE_SIGNIN_VIEW=true
 GITEA_ENABLE_PUSH_CREATE_USER=false
 GITEA_ENABLE_PUSH_CREATE_ORG=false
 GITEA_LFS_START_SERVER=false
+GITEA_MAX_CREATION_LIMIT=-1

 GITEA_REPO_UPLOAD_ENABLED=true
 GITEA_REPO_UPLOAD_ALLOWED_TYPES=*/*
--- a/MAINTENANCE.md
+++ b/MAINTENANCE.md
@ -0,0 +1,32 @@
+# Forgejo Recipe Maintenance
+
+All contributions should be made via a pull request. This is to ensure a
+certain quality and consistency, that others can rely on.
+
+## Maintainer Responsibilities
+
+A recipe maintainer has the following responsibilities:
+
+- Respond to pull requests / issues within two weeks
+- Make image security updates within a day
+- Make image patch / minor updates within a week
+- Make image major updates within a month
+
+In order to fullfill these responsibilities a recipe maintainer:
+
+- Has to watch the repository (to get notifications)
+- Needs to make sure renovate is configured properly
+
+## Pull Requests
+
+A pull request can be merged if it is approved by at least one maintainer. For
+pull requests opened by a maintainer they need to be approved by another
+maintainer. Even though it is okay to merge a pull request with one approval, it
+is always better if all maintainers looked at the pull request and approved it.
+
+## Become a maintainer
+
+Everyone can apply to be a recipe maintainer:
+1. Watch the repository to always get updates
+2. Simply add your self to the list in the [README.md](./README.md) and open a new pull request with the change.
+3. Once the pull request gets merged you will be added to the [forgejo maintainers team](https://git.coopcloud.tech/org/coop-cloud/teams/forgejo-maintainers).
--- a/README.md
+++ b/README.md
@ -3,6 +3,7 @@
 [![Build Status](https://build.coopcloud.tech/api/badges/coop-cloud/forgejo/status.svg)](https://build.coopcloud.tech/coop-cloud/forgejo)

 <!-- metadata -->
+* **Maintainer**: [@p4u1](https://git.coopcloud.tech/p4u1), [@fauno](https://git.coopcloud.tech/fauno)
 * **Category**: Development
 * **Status**: 5
 * **Image**: [`forgejo/forgejo`](https://codeberg.org/forgejo/-/packages/container/forgejo/13-rootless), 4, upstream
@ -59,3 +60,9 @@ ssh -T -p 2222 git@my.gitea.example.com
 ```

 Note that gitea should be configured to listen to port 2222, i.e. `GITEA_SSH_PORT=2222` in the gitea config.
+
+## Protect Forgejo from scrapers with Anubis
+
+Uncomment the Anubis compose file from the `.env` file and re-deploy the
+app.  Don't forget to actually [enable Anubis on the Traefik app
+too](https://recipes.coopcloud.tech/traefik)!
--- a/abra.sh
+++ b/abra.sh
@ -1,4 +1,4 @@
-export APP_INI_VERSION=v23
+export APP_INI_VERSION=v25
 export DOCKER_SETUP_SH_VERSION=v1
 export PG_BACKUP_VERSION=v1

--- a/app.ini.tmpl
+++ b/app.ini.tmpl
@ -18,6 +18,7 @@ ENABLE_FEDERATED_AVATAR = {{ env "GITEA_ENABLE_FEDERATED_AVATAR" }}

 [service]
 ALLOW_ONLY_EXTERNAL_REGISTRATION = {{ env "GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION" }}
+ALLOW_ONLY_INTERNAL_REGISTRATION = {{ env "GITEA_ALLOW_ONLY_INTERNAL_REGISTRATION" }}
 AUTO_WATCH_NEW_REPOS = {{ env "GITEA_AUTO_WATCH_NEW_REPOS" }}
 DISABLE_REGISTRATION = {{ env "GITEA_DISABLE_REGISTRATION" }}
 ENABLE_NOTIFY_MAIL = {{ env "GITEA_ENABLE_NOTIFY_MAIL" }}
@ -38,6 +39,7 @@ ENABLE_OPENID_SIGNUP = {{ env "GITEA_ENABLE_OPENID_SIGNUP" }}
 DEFAULT_BRANCH = main
 ENABLE_PUSH_CREATE_USER = {{ env "GITEA_ENABLE_PUSH_CREATE_USER" }}
 ENABLE_PUSH_CREATE_ORG = {{ env "GITEA_ENABLE_PUSH_CREATE_ORG" }}
+MAX_CREATION_LIMIT = {{ env "GITEA_MAX_CREATION_LIMIT" }}

 [repository.upload]
 ENABLED = {{ env "GITEA_REPO_UPLOAD_ENABLED" }}
--- a/compose.anubis.yml
+++ b/compose.anubis.yml
@ -0,0 +1,7 @@
+---
+version: "3.8"
+services:
+  app:
+    deploy:
+      labels:
+      - "traefik.http.routers.${STACK_NAME}.middlewares=anubis,${STACK_NAME}_cors"
--- a/compose.yml
+++ b/compose.yml
@ -3,7 +3,7 @@ version: "3.8"

 services:
  app:
-    image: codeberg.org/forgejo/forgejo:13.0.2-rootless
+    image: codeberg.org/forgejo/forgejo:14.0.1-rootless
    configs:
      - source: app_ini
        target: /etc/gitea/app.ini
@ -17,6 +17,7 @@ services:
      - lfs_jwt_secret
    environment:
      - GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION
+      - GITEA_ALLOW_ONLY_INTERNAL_REGISTRATION
      - GITEA_APP_NAME
      - GITEA_AUTO_WATCH_NEW_REPOS
      - GITEA_DISABLE_REGISTRATION
@ -55,6 +56,7 @@ services:
      - GITEA__oauth2__REFRESH_TOKEN_EXPIRATION_TIME
      - GITEA_LFS_START_SERVER=${GITEA_LFS_START_SERVER:-false}
      - GITEA_ENABLE_INTERNAL_SIGNIN
+      - GITEA_MAX_CREATION_LIMIT=${GITEA_MAX_CREATION_LIMIT:--1}
    volumes:
      - data:/var/lib/gitea
      - config:/etc/gitea
@ -89,7 +91,7 @@ services:
        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}"
        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100"
        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true"
-        - coop-cloud.${STACK_NAME}.version=5.0.0+13.0.2-rootless
+        - coop-cloud.${STACK_NAME}.version=5.0.3+13.0.4-rootless


 networks:
--- a/renovate.json
+++ b/renovate.json
@ -2,5 +2,8 @@
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended"
+  ],
+  "reviewers": [
+    "team:forgejo-maintainers"
  ]
 }
Author	SHA1	Message	Date
f	05f5bcbf09	Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' into sutty	2026-01-17 20:51:49 -03:00
f	84cf9024eb	Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' of ssh://git.coopcloud.tech:2222/coop-cloud/forgejo into renovate/codeberg.org-forgejo-forgejo-14.x	2026-01-17 20:51:36 -03:00
Renovate Bot	dba55ce581	chore(deps): update codeberg.org/forgejo/forgejo docker tag to v14	2026-01-17 07:25:46 +00:00
f	faa1835e06	fix: abra.sh	2026-01-16 15:52:47 -03:00
f	4888a452cd	Merge branch 'internal-registration' into sutty	2026-01-16 15:52:38 -03:00
f	668b665afb	feat: toggle internal registration	2026-01-16 15:52:19 -03:00
f	d621069451	Merge branch 'renovate/codeberg.org-forgejo-forgejo-14.x' into sutty	2026-01-16 15:38:43 -03:00
f	f91807efda	Merge branch 'main' of https://git.coopcloud.tech/coop-cloud/forgejo into sutty	2026-01-16 15:38:13 -03:00
f	6e8462d494	feat: global limit for repository creation	2026-01-16 15:37:17 -03:00
fauno	af279eeab8	Merge pull request 'feat: renovate assigns reviewers automatically' (#16 ) from reviewers into main Reviewed-on: #16 Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech>	2026-01-16 18:23:32 +00:00
f	ab0a3df75f	feat: renovate assigns reviewers automatically	2026-01-16 09:59:52 -03:00
fauno	df61cea056	Merge pull request 'feat: maintainers' (#14 ) from maintainers into main Reviewed-on: #14 Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech>	2026-01-16 06:16:02 +00:00
f	bad55853c6	fix: two weeks	2026-01-15 11:59:23 -03:00
Renovate Bot	3c45decd7a	chore(deps): update codeberg.org/forgejo/forgejo docker tag to v14	2026-01-15 14:00:42 +00:00
f	5d8e984ec9	feat: maintainers	2026-01-12 10:15:57 -03:00
f	675d6b9347	chore: publish 5.0.3+13.0.4-rootless release	2026-01-10 16:47:55 -03:00
fauno	9696bef17a	Merge pull request 'feat: anubis' (#10 ) from anubis into main Reviewed-on: #10 Reviewed-by: p4u1 <p4u1@noreply.git.coopcloud.tech>	2026-01-10 17:57:36 +00:00
f	670c6d070e	Merge branch 'main' into anubis	2026-01-10 00:44:34 -03:00
f	51f9ec7564	chore: publish 5.0.2+13.0.4-rootless release	2026-01-10 00:39:54 -03:00
f	5a63921823	Merge branch 'main' of https://git.coopcloud.tech/coop-cloud/forgejo	2026-01-10 00:39:21 -03:00
f	618dc563b2	Merge branch 'main' into anubis	2026-01-10 00:27:48 -03:00
f	865f228137	fix: upgrade to 13.0.4	2026-01-10 00:27:19 -03:00
f	8d3a8942d6	doc: readme	2026-01-10 00:25:15 -03:00
p4u1	08551b2972	chore: update .env.sample	2025-12-30 11:32:17 +01:00
f	29f71e90c5	feat: anubis	2025-12-24 18:41:16 -03:00
p4u1	64289a49ea	chore: publish 5.0.1+13.0.3-rootless release	2025-11-28 12:02:51 +01:00