I’ve started building a small decentralized, non commercial app with a Rust backend + Node.js frontend running on k8s. I would have my own dedicated server for this. Just mentioning the setup because it might grow and for git there seem to be only GitHub and GitLab around and I prefer GitLab.

I care a lot about security and was wondering if it makes sense to self-host GitLab. I‘m not afraid of doing it, but after setup it shouldn’t take more than 1-2 hours per week for me to maintain it in the long run and I’m wondering if that’s realistic.

Would love to hear about the experience of people who did what I’m planning to do.

EDIT: Thanks for all the answers, trying my best to reply. I want CI/CD, container registry and secrets management that’s what I was hoping to get out of GitLab.

63 points

For self hosting there is also https://forgejo.org/ which is a fork of https://about.gitea.com/ , the latter of which started to shift to a corporate model.

permalink
report
reply
6 points

The is also Codeberg

permalink
report
parent
reply
19 points

technically the same as forgejo, codeberg is the main forgejo contributor/the org owning it

permalink
report
parent
reply
1 point

Quick question: forgejo is the git program that you can install self host a git server, while codeberg is probably the biggest forgejo-kind git server that is open to the public, right?

I dont have a home server to host forgejo (yet?), so I’m thinking of making an account on codeberg, is that correct reasoning?

permalink
report
parent
reply
4 points

Oh! Is it?

Well, living and learning haha

permalink
report
parent
reply
25 points
*
Deleted by creator
permalink
report
parent
reply
11 points

Another upvote for forgeo. So easy to get set up and running. Can run it in docker itself. I tried to host gitlab and got so frustrated with the pages and pages of ruby configs. Forgejo is so much cleaner.

permalink
report
parent
reply
3 points

I did an inplace upgrade of gitea to forgejo. No issues.

I’ve been self hosting this for 2 or 3 years now.

There has been zero maintenance other than the occasional update button

I use it for my docker compose files that portainer pulls from with the click of the button to update my containers when needed.

I edit the files in VS code with the git plugin and it works without issue

permalink
report
parent
reply
2 points

I’d also like to add that Forgejo is working on federation along with GitLab. I think Forgejo will do it first though.

permalink
report
parent
reply
2 points

Thanks! This looks actually really interesting. Did you try doing CI/CD with it? In future I would probably collaborate with others who’d be also using my self-hosted Git. What would be critical for me is that I can set it up in a way that once I open a PR that branch automatically gets deployed to a dev Kubernetes environment and when I merge with main that it automatically deploys to staging and only when I release a tag the branch would end up in prod. Also I’d like to do secrets management over the platform. I like that Forgejo would be non-commercial and I would prefer it over GitLab if it can do these things well.

permalink
report
parent
reply
6 points
*

I remember Gitlab requiring quite a large amount of resources, so if you’re talking about a solo project, I’d skip it and go with something a lot leaner like Gitea, personally.

I’ve never had any security issues with GitHub in the past though, and extended features are free for open source projects, so it’s kind of hard to ignore.

permalink
report
reply
4 points

I am selfhosting my Gitlab and it’s one of the less troubling services I run.

I followed their documentation for setup and update gitlab biyearly, as far as I remembered I never had to revert to a backup, even after I skipped updates for a little over a year.

permalink
report
reply
1 point

Thanks! What resources are you running it on? I’m looking into a VPS that could host it and ChatGPT recommends 4-8 vCPUs and 16 GB Ram, which sounds reasonable. But let’s say I’m running it on k8s does that leave any room for e.g. running other services on the same cluster?

permalink
report
parent
reply
1 point

The container itself has been allocated 4 cores and 4 GiB RAM on my PVE host, RAM usage currently sits at 75%. Before I had 2 GiB of RAM allocated, felt like it was slowed down a little bit by running from a HDD then. The host CPU is an i5-9400, so nothing beefy.

Besides Gitlab, I run Home Assistant, a single tenant Nextcloud instance and pfsense on the same host without any troubles. All services combined have 14 GiB Ram allocated, most of that actually goes to HASS since its doing speech recognition and speech synthesis (6GiB)

permalink
report
parent
reply
14 points

I tried hosting Gitlab for a while, but configuration and upgrades were difficult, and your really have to stay on top of updates due to vulnerabilities. It also used a lot of resources and wasn’t super responsive.

I moved to Forgejo (a hard fork of Gitea), and haven’t looked back; I cant recommend it enough. It’s fast, doesn’t take a lot of resources, actively developed, and has all the features I need.

Codeberg is a public instance of Forgejo if you want to try it out first.

permalink
report
reply
3 points

It’s not fully selfhosted but I did setup my own runner that integrates with their site.

permalink
report
parent
reply
2 points

Thanks! May I ask what kind of setup you were running and if there’s any feature you might be missing that existed in GitLab but doesn’t in Forgejo?

permalink
report
parent
reply
1 point

I was on an old repurposed desktop with 16gb ram and a i7 6700k at the time.

I haven’t felt that I’ve been missing any features from Gitlab. I do use Woodpecker-CI for runners because Forgejo action’s weren’t working for Docker builds, but I think the Forgejo actions have come a long way since I made that decision; I’ll have to try them out again one of these days.

permalink
report
parent
reply
3 points

First question is why do you want a forge ? Knowing the feature you need out of it is what should drive your decision.

Personally I would question the benefit of allocating ~5% of your work time to anything that isn’t core building your product but that’s up to you.

permalink
report
reply
2 points

Yea a surprisingly small number of people don’t know a git remote can literally be any folder outside of your tree, over almost any kind of connection.

I thought about doing a forge but realized that if I was the only one working on this stuff then I could do the same thing by setting my remote to a folder on my NAS.

permalink
report
parent
reply
1 point

Yup, for a solo project that you don’t want to share I would even argue that a forge is close to pointless.

Any ssh remote will work as a backup, you can run the ci/cd task on your own computer just fine (very likely faster even), you obviously don’t need to send PR and request code review to yourself and if a TODO.md isn’t enough to keep track of tasks there’s a billions lightweight task/note tracker.

I use github because I’m a lazy and it works fine as a backup but I don’t need 99% of the features for my pet projects.

permalink
report
parent
reply
1 point

I would deploy the whole app over k8s Helm charts and I would want to use the CI/CD tools and also do Traefik/Ingress for load balancing and having cloudflare point at it. In the future I might be collaborating with other people so I would want the architecture to be solid.

permalink
report
parent
reply

Selfhosted

!selfhosted@lemmy.world

Create post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Community stats

  • 3.7K

    Monthly active users

  • 2K

    Posts

  • 23K

    Comments