| ▲ | Show HN: Forgejo Appliance, a private Git server based on OrbStack and Tailscale(github.com) | |
| 6 points by highpost 10 hours ago | 1 comments | ||
| ▲ | highpost 10 hours ago | parent [-] | |
Forgejo is an open-source GitHub clone written in Go. I wanted to run Forgejo on an old Mac mini at home and make it remotely accessible through Tailscale. So, I built Forgejo Appliance: an opinionated blueprint based on an OrbStack VM running on macOS with Ubuntu Server, PostgreSQL and the tsbridge reverse proxy. I think of Forgejo Appliance as an open-source black box. It makes the Forgejo service available through a web interface, but beyond that, it’s pretty opaque. The VM is designed to be ephemeral (torn down and rebuilt for updates). Internally, it’s a group of three server apps tied together with UNIX sockets. This avoids the DNS and security headaches of exposing local TCP/IP ports. Like a managed cloud app, you can’t even connect to it with SSH. It wasn’t all fun and games. Navigating through the host and guest restrictions felt like threading a needle:
Forgejo Appliance stores its secrets in Apple Keychain, uses Google Workspace SMTP for notifications, and uses BorgBackup with rsync.net for remote backups. The end result is secure (thank you, Tailscale) and reliable. | ||