From cb68677b56eb761a0413a1250ca66342821090ac Mon Sep 17 00:00:00 2001
From: Luka Jankovic <lukjan1999@gmail.com>
Date: Sun, 12 Oct 2025 00:17:12 +0200
Subject: [PATCH] Add Forgejo

---
 forgejo/docker-compose.yml | 67 ++++++++++++++++++++++++++++++++++++++
 forgejo/ts-serve.json      | 22 +++++++++++++
 2 files changed, 89 insertions(+)
 create mode 100644 forgejo/docker-compose.yml
 create mode 100644 forgejo/ts-serve.json

diff --git a/forgejo/docker-compose.yml b/forgejo/docker-compose.yml
new file mode 100644
index 0000000..07db6e6
--- /dev/null
+++ b/forgejo/docker-compose.yml
@@ -0,0 +1,67 @@
+networks:
+  forgejo:
+    external: false
+
+services:
+  tailscale:
+    hostname: git
+    image: tailscale/tailscale
+    volumes:
+      - ./data/tailscale:/var/lib/tailscale
+      - ./ts-serve.json:/config/ts-serve.json:ro
+      - /dev/net/tun:/dev/net/tun
+    cap_add:
+      - net_admin
+      - sys_module
+    environment:
+      TS_HOSTNAME: git
+      TS_AUTH_KEY: ${TS_AUTH_KEY}
+      TS_SERVE_CONFIG: /config/ts-serve.json
+      TS_AUTH_ONCE: true
+      TS_STATE_DIR: /var/lib/tailscale
+      TS_EXTRA_ARGS: --advertise-tags=tag:forgejo
+    restart: unless-stopped
+    healthcheck:
+      test: tailscale status --peers=false --json | grep 'Online.*true'
+      start_period: 3s
+      interval: 1s
+      retries: 3
+    init: true
+    networks:
+      - forgejo
+
+  server:
+    image: codeberg.org/forgejo/forgejo:11
+    container_name: server
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - FORGEJO__server__ROOT_URL=${FORGEJO_ROOT_URL}
+      - FORGEJO__server__SSH_DOMAIN=${FORGEJO_SSH_DOMAIN}
+      - FORGEJO__database__DB_TYPE=postgres
+      - FORGEJO__database__HOST=db:5432
+      - FORGEJO__database__NAME=${FORGEJO_DB_NAME}
+      - FORGEJO__database__USER=${FORGEJO_DB_USER}
+      - FORGEJO__database__PASSWD=${FORGEJO_DB_PASS}
+    restart: always
+    volumes:
+      - /srv/@git/git:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - '3000:3000'
+      - '222:22'
+    networks:
+      - forgejo
+
+  db:
+    image: postgres:13
+    restart: always
+    environment:
+      - POSTGRES_USER=${FORGEJO_DB_USER}
+      - POSTGRES_PASSWORD=${FORGEJO_DB_PASS}
+      - POSTGRES_DB=${FORGEJO_DB_NAME}
+    volumes:
+      - ./data/postgres:/var/lib/postgresql/data
+    networks:
+      - forgejo
diff --git a/forgejo/ts-serve.json b/forgejo/ts-serve.json
new file mode 100644
index 0000000..7176c15
--- /dev/null
+++ b/forgejo/ts-serve.json
@@ -0,0 +1,22 @@
+{
+    "TCP": {
+        "22": {
+            "TCPForward": "server:22"
+        },
+        "443": {
+            "HTTPS": true
+        }
+    },
+    "Web": {
+        "${TS_CERT_DOMAIN}:443": {
+            "Handlers": {
+                "/": {
+                    "Proxy": "http://server:3000"
+                }
+            }
+        }
+    },
+    "AllowFunnel": {
+        "${TS_CERT_DOMAIN}:443": true
+    }
+}