Self-Host Forgejo with Greffon
Your code history is the one asset you cannot regenerate. Here is the honest setup for Forgejo, a lightweight Git forge, on a greffer you own.
A Git forge holds the full history of everything you build: branches, issues, reviews, the long tail of decisions that never made it into a commit message. It is worth asking whose servers that lives on. Forgejo is a lightweight, self-hostable forge (Git hosting, issues, and pull requests) that you can run on hardware you own. Greffon takes the fiddly parts (TLS, routing) off your plate so you can graft it and get to work.
Why own the forge
Forgejo is a community-run fork of Gitea: a single small Go binary that serves the Git protocol, a web UI, issues, and pull requests. It is light enough to run comfortably on a modest greffer, and the workflow will feel familiar to anyone who has used GitHub or Gitea. Grafting it onto your greffer means the repositories, the issue history, and the user accounts all sit on a machine you control rather than an account you rent.
Graft it from the catalog
On a greffer you do not hand-write a compose file or wire a reverse proxy. Pick Forgejo from the catalog and graft it onto your greffer. Greffon issues the certificate and routes the app, so the web UI comes up reachable over HTTPS without you assembling that plumbing by hand. On first start Forgejo walks you through creating the initial administrator account.
Reach it, and Git over SSH
On the same network as your greffer the web UI works the moment it starts. To reach it from anywhere else you have two honest options. The simplest is tunnel mode: a greffer connects outbound to the manager's tunnel and serves its apps without opening a single inbound port, which is the answer for a box behind NAT or CGNAT with no public IP. If you would rather expose the greffer directly, port forwarding plus dynamic DNS still works. Either way the web UI and HTTPS Git remotes stay reachable.
The real wrinkle with a forge is Git over SSH. Cloning and pushing overhttps:// works the moment the web UI is reachable, since it rides the same HTTPS that Greffon already routes. SSH remotes (git@your-forge:org/repo.git) are a separate TCP channel on their own port, and you have to make that port reachable yourself: directly on a greffer with a public IP, or over the tunnel, which carries TCP as well as HTTP. If SSH remotes are not set up, HTTPS clone and push still cover the everyday workflow.
Storage and memory grow with you
Forgejo itself is small, but a forge is only as light as the repositories in it. Large binaries, long histories, and CI artifacts accumulate, and the disk is what fills up over time, not the application. Before you migrate a big monorepo or years of history, check that the greffer has the headroom, and keep an eye on disk use as the forge gets real traffic. Memory stays modest for normal browsing and Git operations.
Back it up first
Your code history is the asset you cannot regenerate from anywhere else, so decide how you back it up before it holds anything you care about. Greffon handles TLS and routing today, and native one-click backups are coming in M2. Until then, bring your own backup tool (restic or borgbackup are the usual choices), back up the Forgejo data on a schedule, and store a copy off the greffer.
Keep it always-on
A forge that your team, your CI, or your other machines push to has to be up when they reach for it. Run it on an always-on greffer, a small VPS, a mini-PC, or a free Oracle Cloud box, rather than a laptop that sleeps at night. The Oracle walkthrough is a good place to get a greffer running before you graft the forge onto it.