Last active 1751716384 Unlisted

anubis-forgejo-caddy.md Raw

Installing Anbuis to site between forgejo and caddy on debian

Install Anubis

Taken from: https://anubis.techaro.lol/docs/admin/native-install

$ # This is the latest version of Anubis at time of writing; check: https://github.com/TecharoHQ/anubis/releases
$ wget https://github.com/TecharoHQ/anubis/releases/download/v1.20.0/anubis_1.20.0_amd64.deb
$ sudo apt install ./anubis_1.20.0_amd64.deb
$ sudo cp /usr/share/doc/anubis/botPolicies.yaml /etc/anubis/forgejo.botPolicies.yaml
$ sudo tee /etc/anubis/forgejo.env >/dev/null <<EOF
BIND=[::1]:8239
BIND_NETWORK=tcp
DIFFICULTY=4
METRICS_BIND=[::1]:8240
METRICS_BIND_NETWORK=tcp
POLICY_FNAME=/etc/anubis/forgejo.botPolicies.yaml
TARGET=http://localhost:3000
EOF
$ systemctl enable --now anubis@forgejo.service

Hook into Caddy

Taken from: https://anubis.techaro.lol/docs/admin/caveats-gitea-forgejo

Ensure your Caddyfile entry for forgejo points towards the Anubis port, and sets X-Real-Ip, as per:

code.fatlads.lol {
  reverse_proxy localhost:8239 {
    header_up X-Real-Ip {remote_host}
  }
}

(The link above seems to have the wrong port at time of writing- I'll open a PR as soon as I figure out where).