Skip to content
Stefan Zhelev

Forgejo

Forgejo is the self-hosted Git forge for the platform — a lightweight alternative to GitHub for private repositories, CI runners, and package registries.

Deployment

Section titled “Deployment”
FieldValue
Flux pathflux-clusters/stefanzhelev/apps/forgejo
Base pathflux-apps/forgejo
Namespaceforgejo
Sync wave4
Depends oncloudnative-pg, external-secrets-config

What it deploys

Section titled “What it deploys”
  • HelmRelease for the Forgejo chart >= 16.0.0
  • ExternalSecrets for admin credentials and database connection details
  • Terraform CR (via Tofu Controller) that provisions those secrets in Vault

Configuration highlights

Section titled “Configuration highlights”
SettingValue
Domainforgejo.stefanzhelev.com
Root URLhttps://forgejo.stefanzhelev.com
Databaseexternal PostgreSQL via CloudNative-PG
DB hostpostgresql-rw.cnpg.svc.cluster.local:5432
DB SSLrequired
Cachebuilt-in Redis
Storage10Gi persistent volume
Resources100m CPU / 256Mi memory request, 512Mi memory limit

Integrations

Section titled “Integrations”
  • Vault + Tofu Controller: admin user and DB password live in Vault and are synced into the namespace
  • CloudNative-PG: Forgejo’s metadata database
  • Authentik: OIDC sign-in (planned)

Key commands

Section titled “Key commands”
Terminal window
kubectl get pods -n forgejo
kubectl logs -n forgejo -l app.kubernetes.io/name=forgejo
kubectl port-forward -n forgejo svc/forgejo-http 3000:3000


# Forgejo CLI inside the pod
kubectl exec -n forgejo -it deploy/forgejo -- forgejo admin user list