I did not get the above docker done, but I was finally able to get forgejo (port 3000) (specific port) redirect to https with let’s encrypt ssl.
I created a normal subdomain at normal 80/443 ports with LE SSL generated.
Then in the forgejo app.ini (/etc/forgejo/app.in) file, added this under [server]
[server]
ENABLE_ACME = enable
HTTPS_PORT = 3000 ssl
ROOT_URL = https://git.domain.tld
Then under nginx.conf ($HESTIADATA\conf\web\git.domain.tld\nginx.conf) I added
location / { client_max_body_size 4096M; proxy_pass http://localhost:3000; proxy_set_header Connection $http_connection; proxy_set_header Upgrade $http_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
Then under apache2.conf ($HESTIADATA\conf\web\git.domain.tld\apache2.conf) I added
ProxyPreserveHost On ProxyRequests off AllowEncodedSlashes NoDecode ProxyPass / http://localhost:3000/ nocanon
Then under apache2.ssl.conf ($HESTIADATA\conf\web\git.domain.tld\apache2.ssl.conf) I added
< VirtualHost git.domain.tld:8443 https >
ProxyPreserveHost On
ProxyRequests off
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:3000/ nocanon
I also enabled the following to ensure the proxy works:
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_balancer
a2enmod proxy_wstunnel
systemctl restart apache2
systemctl restart apache2
systemctl restart nginx
systemctl start forgejo.service
I got the help from these:
APache SSL Long Record Error
Let’s Encrypt SSL Certificate
Gitea Reverse Proxy - Apache HTTPD
Gitea Reverse Proxy - General Conf
Gitea Reverse Proxy - NGINX