Setting up SSL for Forgejo on your homelab/vps using nginx reverse proxy

Goal: Setup Forgejo on my VPS and be able to use SSL with it



2 pieces of information were key:

  1. Having nginx proxy all SSL requests to the forgejo http server

  2. Finding the right nginx location directive to catch all /git/* requests correctly


This assumes you have a newly installed Forgejo server running on your VPS at port 3000 and running under systemd. See Forgejo installation / admin docs for details.

Configure Nginx

Edit your Nginx config. I’m just using the default at:

$ vim /etc/nginx/sites-enabled/default

And add something like this inside your server block (preferably near the top so it’s the first match):

location ~/git(?.*)$ {

proxysetheader Host $host;

proxysetheader X-Real-IP $remote_addr;

proxysetheader X-Forwarded-For $remote_addr;

proxysetheader X-Forwarded-Proto: https;

proxysetheader X-Url-Scheme: https;




Restart Nginx

$ sudo systemctl restart nginx

Configure forgejo for the subdirectory

$ sudo vim /etc/forgejo/app.ini

And change ‘ROOT_URL’ to point to your subdirectory


Restart forgejo

$ sudo systemctl restart forgejo

The End

That’s it, you should now be able to navigate to


and see forgejo loaded with https://

Go ahead and make that admin user (you didn’t do that over http did you?)


[Server Fault](

[Nginx Location Examples](

[SO Question on SSL with Nginx Reverse Proxy](