imjasonh/forge
1
0
Fork 0
Code Activity
forge/README.md
Jason Hall 4dc1b58f2f initial commit 
Signed-off-by: Jason Hall <imjasonh@gmail.com>
2026-05-07 20:02:59 -04:00

43 lines
1.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# forge
Self-hosted [Forgejo](https://forgejo.org/) on GCP. e2-micro VM on Container-Optimized OS, Caddy for HTTPS, IAP for admin SSH, nightly backups to GCS. Targets ~$35/month.
See [plan.md](plan.md) for the full design rationale.
## Quick start
```bash
# 1. Set the active project, enable APIs
gcloud config set project YOUR_PROJECT
gcloud services enable compute.googleapis.com secretmanager.googleapis.com \
iap.googleapis.com storage.googleapis.com
# 2. Generate the Forgejo secrets in Secret Manager (one-time)
./scripts/bootstrap-secrets.sh
# 3. Configure Terraform (terraform.tfvars is gitignored)
$EDITOR terraform/terraform.tfvars
# 4. Apply
cd terraform
terraform init
terraform apply
```
Point your domain's A record at the `static_ip` output, then visit `https://<your-domain>` to run the Forgejo installer.
## Day two
- [docs/runbook.md](docs/runbook.md) — admin SSH, container ops, backups, upgrades
- [docs/disaster-recovery.md](docs/disaster-recovery.md) — recovery scenarios
- [plan.md](plan.md) — full design, cost breakdown, security checklist
## Layout
```
terraform/ GCP infrastructure (VM, network, IAM, GCS, optional DNS)
cloud-init/ user-data.yaml.tpl — systemd units that boot Forgejo + Caddy + Watchtower
config/ Caddyfile template (reference; the live copy is embedded in cloud-init)
scripts/ bootstrap-secrets.sh, backup.sh, restore.sh, test-restore.sh
docs/ runbook + disaster recovery
```
View git blame Copy permalink