initial commit
Signed-off-by: Jason Hall <imjasonh@gmail.com>
This commit is contained in:
commit
4dc1b58f2f
20 changed files with 1398 additions and 0 deletions
43
README.md
Normal file
43
README.md
Normal file
|
|
@ -0,0 +1,43 @@
|
|||
# forge
|
||||
|
||||
Self-hosted [Forgejo](https://forgejo.org/) on GCP. e2-micro VM on Container-Optimized OS, Caddy for HTTPS, IAP for admin SSH, nightly backups to GCS. Targets ~$3–5/month.
|
||||
|
||||
See [plan.md](plan.md) for the full design rationale.
|
||||
|
||||
## Quick start
|
||||
|
||||
```bash
|
||||
# 1. Set the active project, enable APIs
|
||||
gcloud config set project YOUR_PROJECT
|
||||
gcloud services enable compute.googleapis.com secretmanager.googleapis.com \
|
||||
iap.googleapis.com storage.googleapis.com
|
||||
|
||||
# 2. Generate the Forgejo secrets in Secret Manager (one-time)
|
||||
./scripts/bootstrap-secrets.sh
|
||||
|
||||
# 3. Configure Terraform (terraform.tfvars is gitignored)
|
||||
$EDITOR terraform/terraform.tfvars
|
||||
|
||||
# 4. Apply
|
||||
cd terraform
|
||||
terraform init
|
||||
terraform apply
|
||||
```
|
||||
|
||||
Point your domain's A record at the `static_ip` output, then visit `https://<your-domain>` to run the Forgejo installer.
|
||||
|
||||
## Day two
|
||||
|
||||
- [docs/runbook.md](docs/runbook.md) — admin SSH, container ops, backups, upgrades
|
||||
- [docs/disaster-recovery.md](docs/disaster-recovery.md) — recovery scenarios
|
||||
- [plan.md](plan.md) — full design, cost breakdown, security checklist
|
||||
|
||||
## Layout
|
||||
|
||||
```
|
||||
terraform/ GCP infrastructure (VM, network, IAM, GCS, optional DNS)
|
||||
cloud-init/ user-data.yaml.tpl — systemd units that boot Forgejo + Caddy + Watchtower
|
||||
config/ Caddyfile template (reference; the live copy is embedded in cloud-init)
|
||||
scripts/ bootstrap-secrets.sh, backup.sh, restore.sh, test-restore.sh
|
||||
docs/ runbook + disaster recovery
|
||||
```
|
||||
Loading…
Add table
Add a link
Reference in a new issue