Add Caddy config to reverse proxy section (#605)

Added Caddy example configs, turned on syntax highlighting in nginx/apache

Closes: forgejo/website#232
Reviewed-on: https://codeberg.org/forgejo/docs/pulls/605
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>

docs/admin/actions.md

@@ -532,7 +532,7 @@ jobs:
 
 If you run this action with `forgejo-runner exec`, you should expect this job fail:
 
-```shell-session
+```shellsession
 $ forgejo-runner exec
 ...
 | curl: (7) Couldn't connect to server

docs/admin/reverse-proxy.md

@@ -4,6 +4,10 @@ license: 'Apache-2.0'
 origin_url: 'https://github.com/go-gitea/gitea/blob/e865de1e9d65dc09797d165a51c8e705d2a86030/docs/content/usage/authentication.en-us.md'
 ---
 
+Forgejo serve itself without a reverse proxy with HTTP and HTTPS.
+
+HTTP transport is used by default, to turn on HTTPS transport set in `SERVER` section of the configuration `PROTOCOL=https` and either set `CERT_FILE` and `KEY_FILE` or let Forgejo manage the certificates with `ENABLE_ACME=true`
+
 You may wish to place your Forgejo instance behind a reverse proxy. A reverse proxy is a server that accepts requests from the outside and routes them to internal services, like Forgejo.
 
 ## nginx
@@ -12,7 +16,7 @@ You may wish to place your Forgejo instance behind a reverse proxy. A reverse pr
 
 To set up a basic HTTP reverse proxy in nginx, create a file `forgejo.conf` in `/etc/nginx/conf.d` and add the following configuration:
 
-```conf
+```nginx
 server {
     listen 80; # Listen on IPv4 port 80
     listen [::]:80; # Listen on IPv6 port 80
@@ -34,18 +38,18 @@ server {
 }
 ```
 
-Make sure to reload/restart nginx after chaning the configuration.
+Make sure to reload/restart nginx after changing the configuration.
 
 ### HTTP with a subpath
 
 If you want to serve Forgejo on a subpath, e.g. on `http://example.com/forgejo`, use the following configuration:
 
-```conf
+```nginx
 server {
     listen 80; # Listen on IPv4 port 80
     listen [::]:80; # Listen on IPv6 port 80
 
-    server_name git.example.com; # Change this to the server domain name.
+    server_name example.com; # Change this to the server domain name.
 
     location /forgejo/ { # Replace forgejo here with your subpath
         rewrite ^ $request_uri;
@@ -87,14 +91,14 @@ If you have obtained certificates from elsewhere or have chosen not to let certb
 
 Change the lines
 
-```conf
+```nginx
 listen 80;
 listen [::]:80;
 ```
 
 to
 
-```conf
+```nginx
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
 ```
@@ -107,7 +111,7 @@ Generate an SSL configuration at [mozilla](https://ssl-config.mozilla.org/#serve
 
 Outside the server block, add this redirection block:
 
-```conf
+```nginx
 server {
     listen 80 default_server;
     listen [::]:80 default_server;
@@ -126,7 +130,7 @@ This will redirect anyone visiting the HTTP site to the HTTPS site.
 
 To set up a basic HTTP proxy in Apache, create a file `100-forgejo.conf` in `/etc/apache2/sites-available` and add the following configuration:
 
-```xml
+```apache
 <VirtualHost *:80>
     ServerName git.example.com
 
@@ -143,9 +147,9 @@ Next, enable the site with `a2ensite 100-forgejo.conf` and enable the proxy modu
 
 If you want to serve Forgejo on a subpath, e.g. on `http://example.com/forgejo`, use the following configuration:
 
-```xml
+```apache
 <VirtualHost *:80>
-    ServerName git.example.com
+    ServerName example.com
 
     ProxyPreserveHost On
     ProxyRequests off
@@ -184,7 +188,7 @@ Generate an SSL configuration at [mozilla](https://ssl-config.mozilla.org/#serve
 
 Outside the `VirtualHost *:443`, add this configuration:
 
-```conf
+```apache
 <VirtualHost *:80>
     ServerName git.example.com
 
@@ -196,6 +200,32 @@ Outside the `VirtualHost *:443`, add this configuration:
 
 This will redirect anyone visiting the HTTP site to the HTTPS site.
 
+## Caddy
+
+### HTTPS
+
+To set up basic HTTPS proxy in Caddy with Caddyfile create a file `forgejo` in `/etc/caddy/conf.d` and add the following configuration:
+
+```Caddyfile
+git.example.com {
+  reverse_proxy 127.0.0.1:3000
+}
+```
+
+Caddy will automatically get certificates for the domain.
+
+### HTTPS with a subpath
+
+If you want to serve Forgejo on a subpath, e.g. on https://example.com/forgejo, use the following configuration:
+
+```Caddyfile
+example.com {
+  reverse_proxy /forgejo* 127.0.0.1:3000
+}
+```
+
+Make sure to set the Forgejo ROOT_URL configuration key to the URL with the subpath, otherwise links generated by Forgejo will be broken.
+
 ## Proxy Authentication
 
 Forgejo supports Reverse Proxy Header authentication, it will read headers as a trusted login user name or user email address. This hasn't been enabled by default, you can enable it with
@@ -218,5 +248,5 @@ Notice: Reverse Proxy Auth doesn't support the API. You still need an access tok
 ## Docker / Container Registry
 
 The container registry uses a fixed sub-path `/v2` which can't be changed.
-Even if you deploy Gitea with a different sub-path, `/v2` will be used by the `docker` client.
+Even if you deploy Forgejo with a different sub-path, `/v2` will be used by the `docker` client.
 Therefore you may need to add an additional route to your reverse proxy configuration.

docs/developer/RELEASE.md

@@ -83,7 +83,7 @@ When a new `vX.Y.Z` release is ready to enter the release candidate stages:
 - Update end-to-end to [know about the new release](https://code.forgejo.org/forgejo/end-to-end/pulls/139). It must be done after the first `(X+1).0-test` release is available in experimental otherwise it will fail to find it and will block the automated release process in the forgejo-integration repository
 - Documentation
   - In [the documentation](https://codeberg.org/forgejo/docs)
-    - Create the `vX.Y` branche from next
+    - Create the `vX.Y` branch from next
     - Create the `backport/vX.Y` label
   - In [the website](https://codeberg.org/forgejo/website) add a submodule similar to [this commit](https://codeberg.org/forgejo/website/commit/3f1e62be22f96d048309157e8779cbfcf204eb90)