Migrating from Gitea to Forgejo on Arch Linux

Resolving the permission denied on repositories

Following the Arch Linux instructions to migrate from Gitea to Forgejo, I found that when run as a service (via systemd systemctl start forgejo.service) the log file (in my case /var/log/forgejo/gitea.log) contained permission denied errors:

2024/07/30 13:52:55 routers/init.go:71:mustInitCtx() [F] code.gitea.io/gitea/services/repository.SyncRepositoryHooks(ctx) failed: SyncRepositoryHook: create hooks dir '/home/forgejo/gitea-repositories/duncan/dunca.nturnbull.com.git/hooks/pre-receive.d': mkdir /home/forgejo: permission denied

The same error did not occur when running forgejo as the forgejo user:

su forgejo
forgejo

A mystery, but one eventually explained by the setting:

[root@localhost ~]# systemctl show forgejo.service -P ProtectHome
yes

Create a drop-in override:

systemctl edit forgejo.service --drop-in=AllowHome

with the below:

### Editing /etc/systemd/system/forgejo.service.d/AllowHome.conf
### Anything between here and the comment below will become the contents of the drop-in file

[Service]
ProtectHome=false


### Edits below this comment will be discarded

Then restart the service:

systemctl restart forgejo.service

Updating the home directory path for Forgejo SSH integration

Forgejo manages SSH authorized keys. The previous gitea user had a home directory or /home/gitea and the new forgejo user has /var/lib/forgejo, as you can see in /etc/passwd:

gitea:x:976:976::/home/gitea:/bin/bash
forgejo:x:967:967:Forgejo daemon user:/var/lib/forgejo:/bin/bash

Update /etc/forgejo/app.ini to remove the SSH_ROOT_PATH as the default of ~/.ssh is correct.