blog/content/posts/tech/codeberg-pages-server/index.md

---
title: "Déployer un serveur Codeberg Pages"
draft: true
date: 2025-03-26
---

# Déployer le service

Voici un exemple de `docker-compose.yml`.

La documentation des variables d'environnement :
<https://codeberg.org/Codeberg/pages-server#environment-variables>

Pour le provider DNS, il faut adapter la variable `DNS_PROVIDER` à votre fournisseur de nom de domaine.
Voir cette section de la documentation

```yaml
services:
  pages-server:
    image: codeberg.org/codeberg/pages-server:next
    container_name: pages-server
    restart: unless-stopped
    environment:
      - ACME_ACCEPT_TERMS=true
      - ACME_EMAIL=email@email.com
      - HOST=0.0.0.0
      # To adapt to your provider see https://go-acme.github.io/lego/dns/
      - DNS_PROVIDER=gandiv5 
      - GANDIV5_PERSONAL_ACCESS_TOKEN=${GANDIV5_PERSONAL_ACCESS_TOKEN}
      # End of provider specific variables
      - FORGE_ROOT=https://git.example.com
      - PAGES_DOMAIN=pages.example.com
      - RAW_DOMAIN=raw.pages.example.com
      - USE_PROXY_PROTOCOL=true
```
<!--ici un callout block-->
IMPORTANT : Pour les URL et les sous-domaines, il ne faut surtout pas mettre de `"` (guillemets) autour, car le *parsing* ne se fera pas correctement et fera planter le serveur.

Adapter la configuration notamment des réseaux docker si besoin pour votre *reverse proxy*.

# Configuration du reverse proxy (SWAG)

Voici un exemple de configuration pour le *reverse proxy* SWAG de LinuxServer.io.

```nginx
server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name pages.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    # enable for ldap auth (requires ldap-location.conf in the location block)
    #include /config/nginx/ldap-server.conf;

    # enable for Authelia (requires authelia-location.conf in the location block)
    #include /config/nginx/authelia-server.conf;

    # enable for Authentik (requires authentik-location.conf in the location block)
    #include /config/nginx/authentik-server.conf;

    location / {
        # enable the next two lines for http auth
        #auth_basic "Restricted";
        #auth_basic_user_file /config/nginx/.htpasswd;

        # enable for ldap auth (requires ldap-server.conf in the server block)
        #include /config/nginx/ldap-location.conf;

        # enable for Authelia (requires authelia-server.conf in the server block)
        #include /config/nginx/authelia-location.conf;

        # enable for Authentik (requires authentik-server.conf in the server block)
        #include /config/nginx/authentik-location.conf;

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app pages-server;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        # The following lines enables SNI and thus make connection to pages-server work !
        proxy_ssl_name          $host;
        proxy_ssl_server_name   on;
    }
}
```

La suite quand ma configuration sera fonctionnelle.