feat: add Forgejo service + Postgres database provisioning

- docker-compose.yml: Forgejo service on hiy-net, configured via env vars - postgres-init/01-forgejo.sql: creates forgejo user + database on first Postgres init - .env.example: document FORGEJO_DB_PASSWORD and FORGEJO_DOMAIN Routing: add FORGEJO_DOMAIN as an app in HIY pointing to forgejo:3000, or add a Caddyfile block manually. https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH
2026-03-26 10:44:19 +00:00 · 2026-03-26 10:44:19 +00:00 · b6e223291a
commit b6e223291a
parent 54ceedbe5a
3 changed files with 34 additions and 0 deletions
--- a/infra/.env.example
+++ b/infra/.env.example
@ -11,3 +11,7 @@ HIY_ADMIN_PASS=changeme
 # Postgres admin password — used by the shared cluster.
 # App schemas get their own scoped users; this password never leaves the server.
 POSTGRES_PASSWORD=changeme
+
+# Forgejo (optional — only needed if you add the forgejo service to docker-compose.yml).
+FORGEJO_DB_PASSWORD=changeme
+FORGEJO_DOMAIN=git.yourdomain.com
--- a/infra/docker-compose.yml
+++ b/infra/docker-compose.yml
@ -70,6 +70,30 @@ services:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - hiy-pg-data:/var/lib/postgresql/data
+      # SQL files here run once on first init (ignored if data volume already exists).
+      - ./postgres-init:/docker-entrypoint-initdb.d:ro
+    networks:
+      - hiy-net
+
+  # ── Forgejo (self-hosted Git) ──────────────────────────────────────────────
+  forgejo:
+    image: docker.io/codeberg.org/forgejo/forgejo:10
+    restart: unless-stopped
+    environment:
+      USER_UID: 1000
+      USER_GID: 1000
+      FORGEJO__database__DB_TYPE: postgres
+      FORGEJO__database__HOST: postgres:5432
+      FORGEJO__database__NAME: forgejo
+      FORGEJO__database__USER: forgejo
+      FORGEJO__database__PASSWD: ${FORGEJO_DB_PASSWORD}
+      FORGEJO__server__DOMAIN: ${FORGEJO_DOMAIN}
+      FORGEJO__server__ROOT_URL: https://${FORGEJO_DOMAIN}/
+      FORGEJO__server__SSH_DOMAIN: ${FORGEJO_DOMAIN}
+    volumes:
+      - forgejo-data:/data
+    depends_on:
+      - postgres
    networks:
      - hiy-net

@ -142,6 +166,7 @@ networks:

 volumes:
  hiy-data:
+  forgejo-data:
  caddy-data:
  caddy-config:
  hiy-pg-data:
--- a/infra/postgres-init/01-forgejo.sql
+++ b/infra/postgres-init/01-forgejo.sql
@ -0,0 +1,5 @@
+-- Create a dedicated database and user for Forgejo.
+-- This script runs once when the Postgres container is first initialised.
+-- If the container already has data it is skipped automatically.
+CREATE USER forgejo WITH PASSWORD 'CHANGE_ME';
+CREATE DATABASE forgejo OWNER forgejo;