jspc revised this gist . Go to revision
1 file changed, 38 insertions
anubis-forgejo-caddy.md(file created)
| @@ -0,0 +1,38 @@ | |||
| 1 | + | # Installing Anbuis to site between forgejo and caddy on debian | |
| 2 | + | ||
| 3 | + | ## Install Anubis | |
| 4 | + | ||
| 5 | + | Taken from: https://anubis.techaro.lol/docs/admin/native-install | |
| 6 | + | ||
| 7 | + | ```bash | |
| 8 | + | $ # This is the latest version of Anubis at time of writing; check: https://github.com/TecharoHQ/anubis/releases | |
| 9 | + | $ wget https://github.com/TecharoHQ/anubis/releases/download/v1.20.0/anubis_1.20.0_amd64.deb | |
| 10 | + | $ sudo apt install ./anubis_1.20.0_amd64.deb | |
| 11 | + | $ sudo cp /usr/share/doc/anubis/botPolicies.yaml /etc/anubis/forgejo.botPolicies.yaml | |
| 12 | + | $ sudo tee /etc/anubis/forgejo.env >/dev/null <<EOF | |
| 13 | + | BIND=[::1]:8239 | |
| 14 | + | BIND_NETWORK=tcp | |
| 15 | + | DIFFICULTY=4 | |
| 16 | + | METRICS_BIND=[::1]:8240 | |
| 17 | + | METRICS_BIND_NETWORK=tcp | |
| 18 | + | POLICY_FNAME=/etc/anubis/forgejo.botPolicies.yaml | |
| 19 | + | TARGET=http://localhost:3000 | |
| 20 | + | EOF | |
| 21 | + | $ systemctl enable --now anubis@forgejo.service | |
| 22 | + | ``` | |
| 23 | + | ||
| 24 | + | ## Hook into Caddy | |
| 25 | + | ||
| 26 | + | Taken from: https://anubis.techaro.lol/docs/admin/caveats-gitea-forgejo | |
| 27 | + | ||
| 28 | + | Ensure your Caddyfile entry for forgejo points towards the Anubis port, and sets `X-Real-Ip`, as per: | |
| 29 | + | ||
| 30 | + | ```Caddyfile | |
| 31 | + | code.fatlads.lol { | |
| 32 | + | reverse_proxy localhost:8239 { | |
| 33 | + | header_up X-Real-Ip {remote_host} | |
| 34 | + | } | |
| 35 | + | } | |
| 36 | + | ``` | |
| 37 | + | ||
| 38 | + | (The link above seems to have the wrong port at time of writing- I'll open a PR as soon as I figure out where). | |
Newer
Older