I’ve started building a small decentralized, non commercial app with a Rust backend + Node.js frontend running on k8s. I would have my own dedicated server for this. Just mentioning the setup because it might grow and for git there seem to be only GitHub and GitLab around and I prefer GitLab.
I care a lot about security and was wondering if it makes sense to self-host GitLab. I‘m not afraid of doing it, but after setup it shouldn’t take more than 1-2 hours per week for me to maintain it in the long run and I’m wondering if that’s realistic.
Would love to hear about the experience of people who did what I’m planning to do.
EDIT: Thanks for all the answers, trying my best to reply. I want CI/CD, container registry and secrets management that’s what I was hoping to get out of GitLab.
For self hosting there is also https://forgejo.org/ which is a fork of https://about.gitea.com/ , the latter of which started to shift to a corporate model.
deleted by creator
Another upvote for forgeo. So easy to get set up and running. Can run it in docker itself. I tried to host gitlab and got so frustrated with the pages and pages of ruby configs. Forgejo is so much cleaner.
The is also Codeberg
Gitlab uses a ton of resources and is a pain to setup. Once you get it going, it’s fine.
Going to echo what others have said: Use Gitea or Forgejo instead if you can. Both have runners you can setup like gitlab, but they instead mimic github actions instead of gitlab ci/cd.
I run a semi-private gitea instance, and have not had any problems past the initial setup in 2+ years.
there seem to be only GitHub and GitLab around
Gitea, Forgejo, and cgit exist
And there are others if you look for them.
I tried hosting Gitlab for a while, but configuration and upgrades were difficult, and your really have to stay on top of updates due to vulnerabilities. It also used a lot of resources and wasn’t super responsive.
I moved to Forgejo (a hard fork of Gitea), and haven’t looked back; I cant recommend it enough. It’s fast, doesn’t take a lot of resources, actively developed, and has all the features I need.
Codeberg is a public instance of Forgejo if you want to try it out first.
First question is why do you want a forge ? Knowing the feature you need out of it is what should drive your decision.
Personally I would question the benefit of allocating ~5% of your work time to anything that isn’t core building your product but that’s up to you.