If you’re like me, you probably need to update your image tag to this new major version. I’ll probably wait for a minor release first.
You must log in or register to comment.
15.0 adds support for OIDC tokens being handed to Actions workflows compatible with GitHub Actions. I was excited to upgrade because I wanted to continue doing cosign Docker image signing, but then I found out that the Cosign transparency log doesn’t support Forgejo. Looks like I need an alternative.
My next biggest problem is the Actions workflow itself. I setup Docker in Docker, but turns out there’s a bit of work in preparing the runners to be on par with what I used on GitHub.
Otherwise, I’ve found Forgejo to be quite good and almost all my private repos are moved over.
I very much have my eye on that. Pretty sure that’s going to be my next self-host just because I love everything about it, not so much because I’ll need it. Pleeeease federate. I know it’s a whole lot of work, but it would be a significant net benefit to all developers worldwide who code because they like it.
Donations will help them get there faster
Amy Idea why there isn’t a “:latest” release?
Because you usually don’t want to do automatic upgrades across major versions. There is a “latest” equivalent for each major version release though.
Forgejo was initially a soft fork of Gitea but they knew it would very possibly become a hard fork. Using the latest tag meant your setup could break unexpectedly so I think they’d opted to not use it at all. What you want to do is use the full version “15” in this case which will keep it updated up the currently major release.
Can’t wait for federation
How does it compare to Gitea?
Gitea is developed by a corporation. If you trust corporations not to enshittify eventually, maybe Gitea will be the exception to the rule, but I doubt it, for sufficiently long definitions of “eventually”. Forgejo was forked specifically because the governance needed to be detached from the corporation, and that wasn’t going to happen with Gitea. The community of open-source developers mostly voted with their feet. Forgejo is, in my humble opinion, going places. Gitea is not. Nothing specifically wrong with it, per se, but it doesn’t really offer a sustainable development path forward I don’t think.
It’s a fork of Gitea with more extensive development.
Forgejo is where the dev is happening now.
An amazing project. Good work devs.
Finally, repository specific access tokens were added! I was missing this feature from GitHub (fine-grained access tokens) and had resorted to making service accounts that had access to a single repo. Time to clean that up :)
Thoughts on this versus tangled besides this being more mature? Also question, I have cloudflare serving as my ddns, I believe some settings I have configured there prevent ssh from working to my forgejo instance. Is it a security risk to allow ssh traffic properly? I have other services on the same subdomain published as well if that matters.
Edit: would Tailscale be a solution here?
Tangled seems to focus on the “social” aspect by being inherently federated using the protocol Bluesky uses.
Federation is in the works for Forgejo but it’s not a focus.
Recommendation would be that you want to set up your ssh so that it only accepts publickey authentication. You also want to make sure you are not using a proxied DNS value, as CF only proxies http requests.
Personally I didn’t bother to setup ssh access as https typically works fine.
I setup ssh key access only on all my machines so that bit is ok. Maybe I’ll forgo ssh like you’re suggesting as well. I thought I had some use for it but it’s been a while since I was messing with my forgejo instance, I’ve kind of fallen back to GitHub and codeberg for a bit since I’ve been busy. I couldn’t get https cloning to work for some reason either so I neee to investigate that I guess.
Forgejo’s most promising feature was federation, and unfortunately, they don’t seem to be working on that.
They do, it’s just a lot of work.
Here’s an example PR: https://codeberg.org/forgejo/forgejo/pulls/10380
actually it is already meged and on v16.0 milestone list
Oh, didn’t know Forgejo was ever intended to have federation. That’s so cool!
It’s the main reason I choose them. Can’t wait to open issues on other instances without creating an account and not everything being on GitHub.
Cool!
Federation is worked on by forgefed if I remember right.
Yeah… I’m gonna wait for 15.1…
