Creating a personal code repository isn't as hard as it seems now that options like Forgejo exist. To get started, you can follow this guide to create your own personal git forge.

Server Setup

I would recommend a server with at least 1GB RAM and 25GB storage for this.

Make sure to add a firewall rule to allow inbound TCP on port 2222. Set the allowlist on this port to your IP address only. This will keep things nice and secure for this entire setup process.

Create a DNS Record

It is handy to set up a git subdomain to access your forge via Forgejo's web client, that way in the future you can access your forge via https://git.yourdomain.com.

Go to whichever DNS management service you are using for your domain. It will likely be something like Manage Domains -> select the DNS of the domain and add an A Record with the following values:

Type: A
Host: git
Answer: add your server's public IP here
TTL: 600 (or default)

Setup Proxy Server

You will need to direct your git subdomain to the port Forgejo uses for its web client. A reverse proxy server can handle this nicely.

I used Caddy as a proxy server, you could also use Apache HTTP or nginx here as alternatives. Just make sure you are proxing your git domain to localhost:3000 so you can access the Forgejo web client later.

Edit Caddy file:

sudo nano /etc/caddy/Caddyfile

Add this to the file content:

git.yourdomain.com {
    reverse_proxy localhost:3000
}

Reload Caddy:

sudo systemctl reload caddy

Open Firewall for Git SSH

Now you'll want to open a port for your git requests.

Run this on the server to allow external access to TCP port 2222:

sudo ufw allow 2222/tcp

Install and Configure Forgejo

1. Install Podman

sudo apt install podman -y
podman --version  # verify install

Enable the Podman socket:

sudo loginctl enable-linger deploy
systemctl --user enable --now podman.socket

2. Create Forgejo Directories

mkdir -p ~/forgejo/data
cd ~/forgejo

3. Sanity Check Forgejo Container

Add you own domain and timezone to the command below and run it to test the podman install.

podman run -d \
  --name forgejo \
  --replace \
  -e USER_UID=$(id -u) \
  -e USER_GID=$(id -g) \
  -e FORGEJO__database__DB_TYPE=sqlite3 \
  -e FORGEJO__server__DOMAIN=git.yourdomain.com \
  -e FORGEJO__server__ROOT_URL=https://git.yourdomain.com/ \
  -e FORGEJO__server__SSH_DOMAIN=git.yourdomain.com \
  -e FORGEJO__service__DISABLE_REGISTRATION=true \
  -e TZ=America/Phoenix \
  -v ~/forgejo/data:/data \
  -v /etc/localtime:/etc/localtime:ro \
  -p 3000:3000 \
  -p 2222:22 \
  codeberg.org/forgejo/forgejo:9

Verify it is running:

podman ps
curl -s http://localhost:3000 | head

Stop and remove the previous version that was running.

podman stop forgejo
podman rm forgejo

Now we will install the real auto starting production server now that the test worked.

4. Auto-start with systemd

Create a directory for the Quadlet files:

mkdir -p ~/.config/containers/systemd

Create the Forgejo container:

nano ~/.config/containers/systemd/forgejo.container

Add this content to the file:

[Unit]
Description=Forgejo Git Server

[Container]
Image=codeberg.org/forgejo/forgejo:9
ContainerName=forgejo
Environment=USER_UID=YOUR_UID
Environment=USER_GID=YOU_GUID
Environment=FORGEJO__database__DB_TYPE=sqlite3
Environment=FORGEJO__server__DOMAIN=git.yourdomain.com
Environment=FORGEJO__server__ROOT_URL=https://git.yourdomain.com/
Environment=FORGEJO__server__SSH_DOMAIN=git.yourdomain.com
Environment=FORGEJO__service__DISABLE_REGISTRATION=true
Environment=TZ=America/Phoenix
Volume=/home/deploy/forgejo/data:/data
Volume=/etc/localtime:/etc/localtime:ro
PublishPort=3000:3000
PublishPort=2222:22

[Install]
WantedBy=default.target

Now you should edit the values for your own setup. Start by changing the YOUR_UID and YOUR_GID values.

Verify your user ID values:

id -u <username>  # should output 1000
id -g <username>  # should output 1000

Then replace the YOUR_UID/YOUR_GID value in the settings below with your id values. This should be 1000 on most new systems.

More changes you should make here:

• Add your actual domain name instead of git.yourdomain.com.
• Change the timezone Environment=TZ to your actual timezone.

Note: In a rootless Podman setup, app.ini will be owned by a remapped UID. On a single-user VPS this is acceptable. If you're sharing the server with other users, consider the sensitivity of the file.

4. Start Forgejo

systemctl --user daemon-reload
systemctl --user start forgejo

Verify it is running:

systemctl --user status forgejo

Check if Forgejo is responding:

curl -s http://localhost:3000 | head

View logs:

journalctl --user -u forgejo

Afterward you can manage it like any other service:

systemctl --user status forgejo
systemctl --user restart forgejo
systemctl --user logs forgejo

If all is well, continue on to complete the wizard.

6. Complete Forgejo Config Wizard

Open the URL to see the Forgejo config wizard: https://git.yourdomain.com/

Use the default options. Add an Administrator account and create the instance. Then navigate to the URL again to see the interface for Forgejo.

7. Hardening Forgejo

For a private forge, you'll want to disable any other user from registering. Confirm the DISABLE_REGISTRATION value below is present in app.ini, it should have been written on first run, but it's worth verifying. This should block all users from signing up, so only your account will be present on the forge.

Open the config:

sudo nano ~/forgejo/data/gitea/conf/app.ini

Make sure these are set:

[service]
DISABLE_REGISTRATION = true
REQUIRE_SIGNIN_VIEW = true

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

[api]
ENABLE_SWAGGER = false

Restart Forgejo:

systemctl --user restart forgejo

It should be working now.

Setup up 2-factor auth

At this point it is a good idea to go into the Forgejo web client at https://git.yourdomain.com/ and set up 2-factor authentication.

Navigate to User Settings → Security → Two-Factor Authentication.

8. Add SSH key to Forgejo

Add your SSH key like you would in Codeberg/GitHub by pasting the key from ~/.ssh/id_ed25519.pub into the Forgejo Web Client under "SSH Keys > Manage SSH Keys"

Add a local entry to the SSH config at ~/.ssh/config:

Host forgejo
    HostName git.yourdomain.com
    Port 2222
    User git
    IdentityFile ~/.ssh/id_ed25519
    IdentitiesOnly yes

Now you can use the shorthand forgejo for git requests.

Basic usage

Clone repo:

git clone forgejo:youruser/repo.git

Push an existing project:

cd your-project
git remote add forgejo forgejo:youruser/repo.git
git push forgejo main

You may be used to copying the ssh from the web client like you might in Github or Codeberg, but here that won't work, since it uses port 22 by default and not port 2222 with a special ssh config.

It can work that way, but it requires the port to be specified:

git clone ssh://git@git.yourdomain.com:2222/youruser/repo.git

That is it, you now should have a working private git forge to host all your coding projects.

For more information see Forgejo Install Docs

April 21, 2026

Miniflux is a minimalist RSS web client you can set up on a personal server.

It's pretty neat to use since it allows you to create a single RSS interface you control that you can access from any device. No more managing multiple RSS clients on various devices. No more syncing or manually managing your RSS subscription files.

You can find its homepage here https://miniflux.app/

Below is a simple guide for setting it up on a new Linux instance.

Requirements

• Linux distro
• Podman
• Proxy web server

I used Debian, Podman, and Caddy setup on a Digital Ocean Droplet. You can use alternatives if you wish, just keep in mind some configuration steps may be different.

This guide uses Podman and its Quadlet systemd integration. If you prefer Docker, the container images and environment variables are the same, but you'll want a docker-compose.yml instead of Quadlets.

Configuring Miniflux

1. Create directories for Miniflux

mkdir -p ~/miniflux/postgres-data

2. Create the network Quadlet:

nano ~/.config/containers/systemd/miniflux.network

Add this content:

[Network]
NetworkName=miniflux

3. Create the Postgres Quadlet

nano ~/.config/containers/systemd/miniflux-db.container

Add this content:

[Unit]
Description=Miniflux PostgreSQL Database

[Container]
Image=docker.io/library/postgres:15
ContainerName=miniflux-db
Environment=POSTGRES_USER=miniflux
Environment=POSTGRES_PASSWORD=CHANGE_THIS_TO_SOMETHING_RANDOM
Environment=POSTGRES_DB=miniflux
Volume=/home/deploy/miniflux/postgres-data:/var/lib/postgresql/data
Network=miniflux.network

[Install]
WantedBy=default.target

4. Create the Miniflux Quadlet

nano ~/.config/containers/systemd/miniflux.container

Add this content (then edit it as recommended below):

[Unit]
Description=Miniflux RSS Reader
After=miniflux-db.service
Requires=miniflux-db.service

[Container]
Image=docker.io/miniflux/miniflux:latest
ContainerName=miniflux
Environment=DATABASE_URL=postgres://miniflux:CHANGE_THIS_TO_SOMETHING_RANDOM@miniflux-db/miniflux?sslmode=disable
Environment=RUN_MIGRATIONS=1
Environment=CREATE_ADMIN=1
Environment=ADMIN_USERNAME=ADD_YOUR_ADMIN_USERNAME
Environment=ADMIN_PASSWORD=ADD_YOUR_ADMIN_PASSWORD
PublishPort=8080:8080
Network=miniflux.network

[Install]
WantedBy=default.target

Make sure the DATABASE_URL password CHANGE_THIS_TO_SOMETHING_RANDOM in the two Quadlet files is changed to something that matches. ONLY use alphanumeric characters here, it can't handle anything else since special characters break URL parsing.

I recommend using a password generator to create a random alphanumeric string at least 30 characters long then replace CHANGE_THIS_TO_SOMETHING_RANDOM in both Postgres and Miniflux Quadlet files.

Change the admin username and password, these will be your login credentials in the web interface for the first time login. Once logged in for the first time, you will create new credentials and remove these entries.

Make sure to save the admin credentials to your password manager.

5. Pull images and start everything

podman pull docker.io/library/postgres:15
podman pull docker.io/miniflux/miniflux:latest
systemctl --user daemon-reload
systemctl --user start miniflux-db
systemctl --user start miniflux

Verify it is running:

systemctl --user status miniflux-db
systemctl --user status miniflux

Note: This guide uses systemctl --user to manage services as the deploy user. For these services to start automatically on boot, linger must be enabled for that user (`loginctl enable-linger deploy).

Setup DNS for an RSS subdomain

Add an A record in your domain registrar to point to your RSS subdomain, for example rss.yourdomain.com

Update the proxy server to point the subdomain at your local Miniflux.

In my case, I used Caddy to point the subdomain to the local Miniflux instance.

sudo nano /etc/caddy/Caddyfile

Add alongside your existing blocks:

rss.yourdomain.com {
    reverse_proxy localhost:8080
}

Reload the proxy server:

sudo systemctl reload caddy

Testing and Cleanup

Visit your domain such as https://rss.yourdomain.com and log in with the admin credentials you set.

Before proceeding, go to Settings → Change Username/Password to update your admin credentials. Do not skip this.

1. Clean up bootstrap env vars

Once you've confirmed login works, edit the Miniflux Quadlet and remove the three bootstrap lines:

nano ~/.config/containers/systemd/miniflux.container

Remove:

Environment=CREATE_ADMIN=1
Environment=ADMIN_USERNAME=ADD_YOUR_ADMIN_USERNAME
Environment=ADMIN_PASSWORD=ADD_YOUR_ADMIN_PASSWORD

Then:

systemctl --user daemon-reload
systemctl --user restart miniflux

2. Import your RSS feeds from other sources

I previously used Newsboat, so I exported my local Newsboat feed so I could import into Miniflux:

newsboat -e > feeds.opml

Then in the Miniflux web UI, go to Settings → Import and upload the OPML file.

That's the whole thing, now you have a single centralized RSS feed you can access and update from all your devices.