julien.riou.xyz/content/blog/so-ive-self-hosted-my-code-using-forgejo.md

+++
title = "So I've self-hosted my code using Forgejo"
date = 2024-12-21T12:00:00+01:00
+++

The open source philosophy is often reduced to the the source code of a
software that is available somewhere published under a permissive license. That
somewhere is mostly [GitHub](https://github.com/), using
[Git](https://git-scm.com/) as a source code management tool. GitHub provides a
centralized place for everyone to contribute to open source projects. While
this is a good boost for them, having this giant place using your code to train
AI models or even providing [AI product that we don't need for free if you are
an open source
maintainer](https://www.msn.com/en-us/technology/tech-companies/github-is-making-its-ai-programming-copilot-free-for-vs-code-developers/ar-AA1w9UrA),
is not aligned with my values.

The second problem I have with GitHub is that when I was a student at the
university, I created an [account](https://github.com/riouj) using my former
handle (riouj), my student e-mail and my french phone number. Years later, I
tried to recover this account but having lost access to both recovery methods,
GitHub support said "Nope", even if I can prove my identity and provide my
diploma. My professional handle (jriou) is used by [someone
else](https://github.com/jriou). So I've created an
[account](https://github.com/jouir) using a handle that I used on some forums
(jouir) which is not very professional if you speak french. Moving somewhere
else will allow me to use my regular nickname, finally!

Alright, now where should I move my code?

There are multiple services online to store your code like
[bitbucket.org](https://bitbucket.org/). We use Atlassian products at work so
why not giving their online service a try on their free tier? There's also
[gitlab.com](https://about.gitlab.com/) which is famous to be one of the
biggest alternative to GitHub. That would also mean my code will be hosted by
another US corporation. Then I heard about [Gitea](https://about.gitea.com/)
that was taken over by a for-profit company and the
[Forgejo](https://forgejo.org/) fork backed by
[Codeberg](https://codeberg.org/), a non-profit organization based in Germany,
in the EU. I could push my code to a service managed by an association sharing
my values...

Or, I could deploy the free and open source software (FOSS) directly on one of
my homelab servers! Exposing the source code of my personal projects should not
use that much of resources, especially bandwidth, and should not be sensitive
to latency, right? Let's find out.

# The setup

My hosts rely on a home-made backup solution based on ZFS replicated to three
locations. Everything is explained in my [Journey of a Home-based Personal
Cloud Storage Project](https://julien.riou.xyz/socallinuxexpo2024.handout.html)
talk and [self-hosting](https://self-hosting.riou.xyz/) blog. I've taken the
server with the most bandwidth to host the Forgejo instance. As I use Ansible
to manage my personal infrastructure, I've created an [Ansible
role](https://git.riou.xyz/jriou/ansible-role-forgejo) to manage Forgejo using
docker compose. The [official
documentation](https://forgejo.org/docs/next/admin/installation-docker/) is
simple and easy. In a matter of minutes, my instance was up and running!

In order to expose the instance to the public and share my software
contributions to the world, I have some components that are not self-hosted: a
domain name and a virtual private server (VPS) to route the traffic to my home
network hosting OpenVPN and Nginx. I should try
[tailscale](https://tailscale.com/) one day but that's another topic.

![Forgejo](/forgejo.svg)

The HTTPS exposition is pretty easy with Nginx. There are plenty of
documentations everywhere for that purpose. For SSH, which is TCP, I've used
nginx streams:

```
load_module /usr/lib/nginx/modules/ngx_stream_module.so;

stream {
    server {
        listen 222;
        proxy_pass IP.OF.VPN.INSTANCE:222;
    }
}
```

I tried to use iptables for forwarding the SSH port to the private instance but
failed miserably. The Nginx stream solution is much easier! Don't forget to
allow the incoming port on the VPS. After years of experience, I fell into this
trap and spent at least one hour debugging why this damn Nginx stream
configuration was not working.

And the website is live, ready to receive my code!

# Code migration

My code is not very popular. I mostly have archived repositories. My maintained
repositories have little to no issues. I don't use GitHub actions (yet). And I
have less than 20 repositories. So the migration was pretty simple:

1. Create repository on Forgejo including the description 
1. Disable what I don't use (wiki, releases, projects, actions, etc)
1. Add "forgejo" remote on git
1. Push everything including tags to the "forgejo" remote
1. Rename "forgejo" git remote by origin
1. Delete repository from GitHub

As far as I know, there's no way to force ordering of your repositories on
Forgejo like you could have on GitHub with pinned repositories. So if you would
like to order your repositories when your visitors will land onto your profile
page, you should create them from the oldest to the newest which is the default
ordering on Forgejo. I don't care about the order personally so I took them in
a "first seen, first migrated" fashion. The git history is respected though.

# What's next

The basic setup is done but there's still work to do like setting up local
actions to ensure code quality.

# Conclusion

Now I have all my repositories, on my own infrastructure, [publicly
available](https://git.riou.xyz/jriou), running entirely on FOSS, and this is
beautiful.

![Forgejo screenshot](/forgejo-screenshot.png)

I would like to thank the Forgejo contributors and the Codeberg organization
for their amazing work to provide an open source self-hosted alternative to
GitHub. The best way to really thank them is to [donate
regularly](https://donate.codeberg.org/) (which I'm proud to do).