mystuff/www/forgejo/pkg/README

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

Initial configuration
=====================
By default forgejo listens on all configured IP addresses, TCP port 3000.
If this is not wanted behavior, either adjust your pf(4) rules or change
HTTP_ADDR/HTTP_PORT in ${SYSCONFDIR}/forgejo/app.ini.

To complete the initial configuration, point your browser to
http://forgejo.example.com:3000 and press "Sign In". Usually you'll need to
configure SSH Server Domain/Port, Gitea HTTP Listen Port/Base URL, E-Mail
Settings and Administrator Account Settings.

On OpenBSD, initial forgejo configuration has the following restrictions:

 - Self-Registration is disabled
 - Sign-In is required to view the content
 - E-Mail addresses are not shown
 - Server runs in "offline" mode, which means that external services such as
   Gravatar/OpenID are not used
 - New repositories have "private" checkbox checked by default
 - Password hash algorithm changed from pbkdf2 to argon2

Adjust these configuration settings according to your requirements.

Configuring HTTP access
=======================
By default forgejo serves HTTP requests on its own.
It can also be configured to run behind HTTP proxy like relayd(8) or nginx(8).

Another option is to let OpenBSD httpd(8) serve HTTP(S) requests and pass it
to forgejo via FastCGI protocol:

Example configuration for httpd(8) and forgejo communicating via FastCGI
----------------------------------------------------------------------

Relevant configuration directives in ${SYSCONFDIR}/httpd.conf:

	# An HTTPS server using SSL/TLS
	server "forgejo.example.com" {
		listen on $ext_addr tls port 443
		tls certificate "/etc/ssl/forgejo.example.com.pem"
		tls key "/etc/ssl/private/forgejo.example.com.key"
		location "*" { fastcgi socket "/run/forgejo/forgejo.sock" }
	}

Relevant configuration directives in ${SYSCONFDIR}/forgejo/app.ini:

	[server]
	PROTOCOL               = fcgi+unix
	DOMAIN                 = forgejo.example.com
	ROOT_URL               = https://%(DOMAIN)s/
	HTTP_ADDR              = /var/www/run/forgejo/forgejo.sock
	LOCAL_ROOT_URL         = %(ROOT_URL)s

Customizing forgejo
=================
For custom public files, templates, gitignores, labels, licenses and READMEs,
please use ${LOCALSTATEDIR}/forgejo/custom directory.
all the things 2023-01-10 11:45:28 +01:00			`+-----------------------------------------------------------------------`
			`\| Running ${PKGSTEM} on OpenBSD`
			`+-----------------------------------------------------------------------`

			`Initial configuration`
			`=====================`
			`By default forgejo listens on all configured IP addresses, TCP port 3000.`
			`If this is not wanted behavior, either adjust your pf(4) rules or change`
			`HTTP_ADDR/HTTP_PORT in ${SYSCONFDIR}/forgejo/app.ini.`

			`To complete the initial configuration, point your browser to`
			`http://forgejo.example.com:3000 and press "Sign In". Usually you'll need to`
			`configure SSH Server Domain/Port, Gitea HTTP Listen Port/Base URL, E-Mail`
			`Settings and Administrator Account Settings.`

			`On OpenBSD, initial forgejo configuration has the following restrictions:`

			`- Self-Registration is disabled`
			`- Sign-In is required to view the content`
			`- E-Mail addresses are not shown`
			`- Server runs in "offline" mode, which means that external services such as`
			`Gravatar/OpenID are not used`
			`- New repositories have "private" checkbox checked by default`
			`- Password hash algorithm changed from pbkdf2 to argon2`

			`Adjust these configuration settings according to your requirements.`

			`Configuring HTTP access`
			`=======================`
			`By default forgejo serves HTTP requests on its own.`
			`It can also be configured to run behind HTTP proxy like relayd(8) or nginx(8).`

			`Another option is to let OpenBSD httpd(8) serve HTTP(S) requests and pass it`
			`to forgejo via FastCGI protocol:`

			`Example configuration for httpd(8) and forgejo communicating via FastCGI`
			`----------------------------------------------------------------------`

			`Relevant configuration directives in ${SYSCONFDIR}/httpd.conf:`

			`# An HTTPS server using SSL/TLS`
			`server "forgejo.example.com" {`
			`listen on $ext_addr tls port 443`
			`tls certificate "/etc/ssl/forgejo.example.com.pem"`
			`tls key "/etc/ssl/private/forgejo.example.com.key"`
			`location "*" { fastcgi socket "/run/forgejo/forgejo.sock" }`
			`}`

			`Relevant configuration directives in ${SYSCONFDIR}/forgejo/app.ini:`

			`[server]`
			`PROTOCOL = fcgi+unix`
			`DOMAIN = forgejo.example.com`
			`ROOT_URL = https://%(DOMAIN)s/`
			`HTTP_ADDR = /var/www/run/forgejo/forgejo.sock`
			`LOCAL_ROOT_URL = %(ROOT_URL)s`

			`Customizing forgejo`
			`=================`
			`For custom public files, templates, gitignores, labels, licenses and READMEs,`
			`please use ${LOCALSTATEDIR}/forgejo/custom directory.`