Build Forgejo-backed community prototype
This commit is contained in:
parent
797ae5ea35
commit
6671a01d26
16 changed files with 2485 additions and 293 deletions
|
|
@ -62,6 +62,10 @@ cp .env.example .env
|
|||
Useful variables:
|
||||
|
||||
- `FORGEJO_BASE_URL=https://aksal.cloud`
|
||||
- `APP_BASE_URL=http://kacper-dev-pod:8800`
|
||||
- `FORGEJO_OAUTH_CLIENT_ID=...`
|
||||
- `FORGEJO_OAUTH_CLIENT_SECRET=...`
|
||||
- `FORGEJO_OAUTH_SCOPES=openid profile`
|
||||
- `FORGEJO_TOKEN=...`
|
||||
- `CALENDAR_FEED_URLS=webcal://...`
|
||||
- `HOST=0.0.0.0`
|
||||
|
|
@ -69,7 +73,10 @@ Useful variables:
|
|||
|
||||
Notes:
|
||||
|
||||
- `FORGEJO_TOKEN` is required for live repo and discussion reads on `aksal.cloud`.
|
||||
- Browser sign-in uses Forgejo OAuth/OIDC. `APP_BASE_URL` must match the URL opened in the browser, and the Forgejo OAuth app must include `/api/auth/forgejo/callback` under that base URL.
|
||||
- Browser OAuth requests only identity scopes. The backend stores the resulting Forgejo token server-side and may use it only after enforcing public-repository checks.
|
||||
- `FORGEJO_TOKEN` is optional and should be treated as a read-only local fallback. Browser sessions and API token calls may write comments only after verifying the target repo is public.
|
||||
- API clients can query with `Authorization: token ...` or `Authorization: Bearer ...`.
|
||||
- `CALENDAR_FEED_URLS` is optional and accepts comma-separated `webcal://` or `https://` ICS feeds.
|
||||
- Do not commit `.env` or `.env.local`.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue