Comment by latchkey
21 hours ago
People keep wanting to replace GitHub, but with what?
If GH is getting RCE's this late in the game who wants to take the chance something else won't?
21 hours ago
People keep wanting to replace GitHub, but with what?
If GH is getting RCE's this late in the game who wants to take the chance something else won't?
A "reasonable" answer is probably a primary self-hosted Forgejo instance as the canonical forge, while using GitHub as a mirror solely to take advantage of its free CI, while that lasts, while hosting secrets with a dedicated secret-hosting provider (I don't know what the provider du jour for this is these days).
Replace a whole 24/7 team of devops people with myself?
As much as I'd like to believe that I'm worthy, I'm not.
It's the devops team can manage a measly 87% uptime [1] you're talking about, you can do a lot better on your homeserver.
[1]: https://mrshu.github.io/github-statuses/
If the primary forge's only job is to host the actual Git infrastructure (the code, the MRs, the issues, maybe a wiki), it's a lot more simple than GitHub, and probably more within the scope of what people can reasonably administer themselves.
1 reply →
24/7 devops team for a forgejo instance? Come on mate...
4 replies →
> solely to take advantage of its free CI, while that lasts
Eh, if you want to be able to continue working, deploy and what not as normal during weekdays, I'd suggest also moving to Forgejo Actions if you're moving anyways. Not 100% compatible, but more or less the same, and even paying the same but with dedicated hardware you'd get way faster runners.
For companies with resources for infrastructure, sure.
For OSS, the unlimited free minutes of multiplatform CI offered by GitHub are literally impossible to replace. Maintaining runners yourself to do the same things would be somewhere between a part- and full-time job.
3 replies →
No worries Thomas Dohmke has you covered with his new project.
https://news.ycombinator.com/item?id=47712656
We moved from github to a self-hosted forgejo instance about 6 months ago, works like a charm. Still can't belive how snappy forgejo is / laggy github has become
Is it public or locked down?
https://news.ycombinator.com/item?id=47941590
I am personally now drawing a clear delineation between projects for my internal consumption (e.g. ansible scripts) and projects that have potential use for the general populace. For the prior, I now host a private Forgejo instance. For the latter, I'll put it on GitHub but mirror it to my Forgejo instance.
I was pleasantly shocked that Forgejo is literally a single binary with a relatively easy config. All my internal services reference my Forgejo instance so, if I need to bail on GitHub, it's low friction for me.
Self hosted gitlab behind a VPN.
The all-in-docker image and a couple of gitlab runners is all small to medium sized teams need. (Don't overcomplicate it with the kubernetes version unless you really need it)
GitLab ?
Me and my friends call it CveLab because there was a time where there was a critical security update every week or multiple times a week.
The people who suggest gitlab, haven't used it. But I guess I could be tempted to try again...
https://status.gitlab.com/pages/history/5b36dc6502d06804c083...
If you could only choose from github, gitlab and atlassan then I suppose.. But really anything newer that stays in existance has to be focused on quality from early enough to not be defined by path dependence problems and bad choices like those 3.
1 reply →
Ah, you assumed I meant SaaS GitLab. I meant the self-hosted version. I would never host our source code on a remote service.
1 reply →
just git
.... git?
replace it with git.
if you want a whole ui you can use something like forgejo which has far fewer features likely leading to less issues.
You probably meant Forgejo. Codeberg is a Forgejo instance exclusive for FOSS projects.
i want what github offers.
Enjoy your experience, there will certainly be no end to it.
5 replies →