Two Forgejo runbooks plus the Authentik OAuth2 provider guide,
mirrored from the iCloud folder into the versioned repo.
Runbooks:
- forgejo-admin-recovery.md — fallback login when Authentik is down
using the local admin-local user (prohibit_login reset via SQL).
- forgejo-backup-restore.md — backup format, restore scenarios
(full / DB-only / single file), disaster recovery on new host.
Guides:
- authentik-oauth2-provider.md — reusable template for adding native
OIDC integrations in Authentik. First applied for Forgejo, ready
to reuse for OpenProject, Nextcloud, Grafana. Includes the
important launch-URL gotcha from ADR-0006.
Each category folder has a README.md with format conventions and
an index of the current documents.
Refs OP#1118
Adds the Architecture Decision Records that were written during the
Forgejo deployment (M7.1) as part of moving docs from the iCloud folder
into this versioned repository.
Includes:
- ADR-0001: Forgejo vs Gitea (non-profit stewardship)
- ADR-0002: ai-apps placement (no separate VM)
- ADR-0003: Native OIDC, not ForwardAuth
- ADR-0004: Subdomain code.sdda.eu
- ADR-0005: Volume mount on /data (lesson learned)
- ADR-0006: Silent SSO via OAuth2 launch URL (lesson learned)
Plus a docs/adr/README.md that explains the ADR format, lists the
current ADRs, and provides a template for future entries.
Refs OP#1118
Captures the current state of all Docker stacks running on ai-apps
(Hetzner cx22, 10.0.0.8) as of 2026-04-11. Includes resource budget,
DNS records, Traefik integration pattern, and backup situation.
This is a point-in-time snapshot; update when new stacks are added.
Refs OP#1118
