Enable [actions] on all 3 forges (cloud-init). Add docker-compose.runners.yml:
3 act_runner containers (one per forge) co-located on com.uvlava.quinn.artifacts,
sharing the forges' docker net, executing repo .forgejo/workflows. Reg tokens are
runtime secrets (per-forge admin registration-token), never committed.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Verdaccio runs as UID 10001; chowning its volume to 1000 caused EACCES on
cache writes → 500 on every uncached proxy fetch (npm installs hung).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
SSH_LISTEN_PORT + START_SSH_SERVER per forge (ct 2222 / mc 2223 / quinn 2224),
SSH_DOMAIN = forge.<p>.uvlava.com. The earlier :22 double-bind was a missing
SSH_LISTEN_PORT. Verified: ssh clone works. Matches live.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Droplet com.uvlava.quinn.artifacts (ignore_changes name+user_data). cloud-init
now provisions Caddy with auto-TLS routing forge/npm/pypi.{ct,mc,quinn}.uvlava.com
to the 3 Forgejo, each with its ROOT_URL. Matches live 134.199.243.61.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
DO droplet (nyc3 s-2vcpu-4gb + swap) running 3 co-located Forgejo (ct/mc/quinn)
+ Verdaccio via docker-compose. HTTP+token (built-in SSH disabled). Provisioned
165.227.191.38; state local (gitignored).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
