- Block port 2222 (Forgejo SSH) alongside 3000 after install since
git operations use HTTPS via NPM proxy only
- Add save_iptables_rules helper: uses netfilter-persistent if present,
otherwise writes /etc/iptables/rules.v4 and installs iptables-persistent
so DROP rules survive reboots
- Call save_iptables_rules after Forgejo port block and toggle-port-81
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Automatically add iptables DOCKER-USER DROP rule for port 3000 so
Forgejo is only reachable via NPM proxy, not directly from the internet
- Rewrite post-install instructions in English with all 6 NPM setup steps
including SSL config and correct ROOT_URL / SSH Port values
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Codeberg container registry does not publish a 'latest' tag for Forgejo.
Switch to the stable major version tag 'codeberg.org/forgejo/forgejo:9'.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
generate_docker_compose now only adds the d3v-net network section if the
network actually exists on the host. Servers without Forgejo no longer
fail with "network declared as external, but could not be found".
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add Forgejo as option 8 in main menu with submenu (install/uninstall/update)
- do_forgejo_install: creates /opt/forgejo with SQLite, ports 3000/2222,
joins d3v-net network so NPM can proxy to it
- ensure_docker_network: creates d3v-net external network if missing
- On Forgejo install, regenerate D3V-NPMWG compose to include d3v-net
and connect running container immediately (no restart required)
- Success output includes step-by-step NPM Proxy Host setup guide
- DOCKER_NETWORK constant (d3v-net) shared across both stacks
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Sửa lỗi db.js export getInstance() thay vì knex instance trực tiếp
- Tìm admin theo user đầu tiên trong DB thay vì hard-code id=1
- Chỉ hỏi mật khẩu mới, hiển thị email sau khi update thành công
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
