Forgejo
Overview
| Field | Value |
|---|---|
| Purpose | Host Git repositories and execute Forgejo Actions |
| Business function | Source control and deployment automation |
| Owner | IT Operations |
| Criticality | High |
| Image | codeberg.org/forgejo/forgejo:11 |
Architecture
The gitea Compose project contains the forgejo application and runner. Traefik provides HTTPS; SSH is published on host port 2222. The runner uses /var/run/docker.sock and deploys to /root/kh3-dev-site.
Installation
Docker Compose at /root/gitea/docker-compose.yml.
Configuration
| Item | Value |
|---|---|
| Application data | /root/gitea/data:/data |
| Runner data | /root/gitea/runner-data:/data |
| Runner config | /root/gitea/runner-data/config.yml:/config.yml |
| Deployment mount | /root/kh3-dev-site:/site-deploy |
| Networks | aproxy, backend |
| Restart policy | unless-stopped for Forgejo; always for runner |
Authentication-related environment values include OpenID/OAuth client configuration. Store values only in /root/gitea/.env and the approved password manager.
Operational Procedures
cd /root/gitea
docker compose ps
docker compose logs --tail=200 forgejo runner
docker compose restart forgejo
docker compose pull
docker compose up -d
Back up /root/gitea/data, runner configuration, repositories, and database content before upgrades. Validate web sign-in, Git over HTTPS, SSH on port 2222, and one Actions job.
Troubleshooting
- Runner offline: confirm
runneris running and loaded/config.yml. - Job cannot mount publish path: verify
container.valid_volumesin runner config. - OAuth failure: verify provider metadata and callback URL.
- Git SSH failure: confirm pfSense and host port
2222.
Related Systems
References
- Runtime captured June 9, 2026