1
0
Fork 0
No description
Find a file
Jason Hall c178285651 raise forgejo_down alert duration from 5 to 15 min
The nightly reboot at 04:30 UTC takes ~7 min of downtime (cloud-init,
image pulls, container startup) and was tripping the 5-min alert. Jason
is fine with longer downtime overnight and prefers no page for it.

15 min still catches a stuck reboot or a real outage with reasonable
latency.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-13 09:08:01 -04:00
cloud-init forgejo-stack: stop fighting docker's restart policy; add watchdog 2026-05-11 10:55:37 -04:00
config initial commit 2026-05-07 20:02:59 -04:00
docs add budget alert and nightly OS-update reboot 2026-05-07 20:35:58 -04:00
scripts initial commit 2026-05-07 20:02:59 -04:00
terraform raise forgejo_down alert duration from 5 to 15 min 2026-05-13 09:08:01 -04:00
.gitignore initial commit 2026-05-07 20:02:59 -04:00
plan.md initial commit 2026-05-07 20:02:59 -04:00
README.md initial commit 2026-05-07 20:02:59 -04:00

forge

Self-hosted Forgejo on GCP. e2-micro VM on Container-Optimized OS, Caddy for HTTPS, IAP for admin SSH, nightly backups to GCS. Targets ~$35/month.

See plan.md for the full design rationale.

Quick start

# 1. Set the active project, enable APIs
gcloud config set project YOUR_PROJECT
gcloud services enable compute.googleapis.com secretmanager.googleapis.com \
  iap.googleapis.com storage.googleapis.com

# 2. Generate the Forgejo secrets in Secret Manager (one-time)
./scripts/bootstrap-secrets.sh

# 3. Configure Terraform (terraform.tfvars is gitignored)
$EDITOR terraform/terraform.tfvars

# 4. Apply
cd terraform
terraform init
terraform apply

Point your domain's A record at the static_ip output, then visit https://<your-domain> to run the Forgejo installer.

Day two

Layout

terraform/    GCP infrastructure (VM, network, IAM, GCS, optional DNS)
cloud-init/   user-data.yaml.tpl — systemd units that boot Forgejo + Caddy + Watchtower
config/       Caddyfile template (reference; the live copy is embedded in cloud-init)
scripts/      bootstrap-secrets.sh, backup.sh, restore.sh, test-restore.sh
docs/         runbook + disaster recovery