beeta/devops/forgejo-server/.env.example

# =============================================================================
# Forgejo Server Environment Configuration
# Copy to .env and fill in values
# =============================================================================

# Domain for Forgejo (required)
FORGEJO_DOMAIN=bit.realms.pub

# PostgreSQL Configuration
POSTGRES_USER=forgejo
POSTGRES_PASSWORD=CHANGE_ME_SECURE_PASSWORD
POSTGRES_DB=forgejo

# Forgejo Security Keys (generate with: openssl rand -hex 32)
# SECRET_KEY: Used for encrypting data
FORGEJO_SECRET_KEY=CHANGE_ME_GENERATE_WITH_openssl_rand_hex_32

# INTERNAL_TOKEN: Used for internal API authentication
FORGEJO_INTERNAL_TOKEN=CHANGE_ME_GENERATE_WITH_openssl_rand_hex_32

# JWT_SECRET: Used for OAuth2 JWT tokens
FORGEJO_JWT_SECRET=CHANGE_ME_GENERATE_WITH_openssl_rand_hex_32

# =============================================================================
# Runner Configuration (set after initial setup)
# =============================================================================

# Runner registration token (get from Forgejo admin panel)
# Site Administration > Actions > Runners > Create new Runner
# RUNNER_TOKEN=

# =============================================================================
# Generate secure values with:
#
#   # Generate all secrets at once
#   echo "FORGEJO_SECRET_KEY=$(openssl rand -hex 32)"
#   echo "FORGEJO_INTERNAL_TOKEN=$(openssl rand -hex 32)"
#   echo "FORGEJO_JWT_SECRET=$(openssl rand -hex 32)"
#   echo "POSTGRES_PASSWORD=$(openssl rand -base64 24)"
#
# =============================================================================