Posted by jslakro 5 hours ago
They also don't want to host your homepage, so if GitHub Pages is why you used GitHub, they are not a replacement.
Unfortunately I don't think there's really an answer to that conundrum that doesn't involve just spinning up your own git server and accepting all the operational overhead that comes with it. At least Forgejo (software behind Codeberg) is FOSS, so you can do that and it should cover most of what you need (and while you're in the realm of having a server, a Pages-esque replacement is trivial since you're configuring a webserver anyway.) Maybe Gitlab.com, although I am admittedly unfamiliar with how Gitlab's "main" instance has changed over the years wrt features.
Here's their FAQ on the matter, it's worth a read: https://docs.codeberg.org/getting-started/faq/
Hmm all that operational overhead... Of an ssh server? If you literally just want a place to push some code, then that really isn't that hard.
And no, its not that hard once you learn. Except, now its a never ending chore when it was an appliance. Instead of a car you have a project car.
Can confirm.
Also, not everyone who wants to share content publicly has a domain name with which to do so, or the kind of Internet connection that allows running a server. If you include "hosting" by using a hosting provider... it's perfectly possible (raises hand) to not even have any experience with that after decades of writing code and being on the Internet.
# locally
ssh git@example.com
# server
mkdir repo.git
cd repo.git
git --bare init
# locally
git remote add origin ssh://git@example.com/home/git/repo.git
git push origin master
Just store the repo and access it with your account.
The whole git@ thing is because most "forge" software is built around a single dedicated user doing everything, rather than taking advantage of the OS users, permissions and acl system.
For a single user it's pointless. For anyone who knows how to setup filesystem permissions it's not necessary.
Hey, I’m building Monohub - as a GitHub alternative, and having private repositories is perhaps a key feature - it started as a place for me to host my own random stuff. Monohub [dot] dev is the URL. It’s quite early in development, so it’s quite rough around the edges. It has PR support though.
Hosted in EU, incorporated in EU.
Would be happy if you tried it out — maybe it’s something for you.
Edit: you can have a look at a public repository I have to see what it looks like now: https://monohub.dev/@tbayramov/efcore-audit-timestamps
> If you do not contribute to free/libre software (or if it is limited to your personal homepage), and we feel like you only abuse Codeberg for storing your commercial projects or media backups, we might get unhappy about that.
Emphasis mine. This isn't about if it's technically possible (it certainly is), it's whether or not it's allowed by their platform policies.
Their page publishing feature seems more like it's meant for projects and organizations rather than individual people. The way it's described here indicates that using them to host your own blog/portfolio/what have you is considered to be abusing their services.
All it shows the world is why there needs to be a VAT like tax against US digital services to help drive a public option for developers.
There's no reason why the people can't make our own solutions rather than be confined to abusive private US tech platforms.
A better alternative would be to create the incentives so that companies like these can be born in Europe.
My 2 cents.
Keep in mind, I'm not saying Codeberg is bad, but it's terms of use are pretty clear in the sense that they only really want FOSS and anyone who has something other than FOSS better look elsewhere. GitHub allowed you to basically put up anything that's "yours" and the license wasn't really their concern - that isn't the case with Codeberg. It's not about price or anything either; it'd be fine if the offer was "either give us 5$ for the privilege of private repositories or only publish and contribute public FOSS code" - I'm fine paying cash for that if need be.
One of the big draws of GitHub (and what got me to properly learn git) back in the day with GitHub Pages in particular was "I can write an HTML page, do a git push and anyone can see it". Then you throw on top an SSG (GitHub had out of the box support for Jekyll, but back then you could rig Travis CI up for other page generators if you knew what you were doing), and with a bit of technical knowledge, anyone could host a blog without the full on server stack. Codeberg cannot provide that sort of experience with their current terms of service.
Even sourcehut has, from what I can tell, a more lenient approach to what they provide (and the only reason why I wouldn't recommend sourcehut as a GitHub replacement is because git-by-email isn't really workable for most people anymore). They encourage FOSS licensing, but from what I can tell don't force it in their platform policies. (The only thing they openly ban is cryptocurrency related projects, which seems fair because cryptocurrency is pretty much always associated with platform abuse.)
I mean, it is arguably much easier to just write the HTML page and upload it with FTP and everyone can see it. I never understood why github became a popular place to host your site in the first place.
Easy: it was free, it was accessible to people that couldn't spend money for a hosting provider (read: high schoolers) and didn't impose arbitrary restrictions on what you were hosting.
Back then, your options as a high school student were basically to either try and reskin a closed off platform as much as you could (Tumblr could do that, but GitHub Pages also released in the time period where platforms were cracking down on all user customization larger than "what is my avatar") or to accept that the site you wanted to publish your stuff on could disappear at any moment the sketchy hosting provider that provided you a small amount of storage determined your bandwidth costs meant upselling you on the premium plan.
GitHub didn't impose those restrictions in exchange for being a bit less interactive when it came to publishing things (so no such thing as a comment section without using Disqus or something like that, and chances are you didn't need the comments anyways so win-win) That's why it got a lot more popular than just using an FTP server.
And if you already knew how to write/make HTML you'd for sure already know all of that too.
If I just want to host my code, I can self host or use an SSH/SFTP server as a git remote, and that's usually what I do.
And so we go, forever in circles, until enough of us move to other platforms regardless of where the existing community is. Just like how GitHub found its community in the early days, when most people (afaik) was using SourceForge, if anything.
"The community" will always remain on GitHub, if everyone just upload code to where "the community" already is. If enough of us stop using GitHub by default, and instead use something else, eventually "the community" will be there too, but it is somewhat of a chicken-and-egg problem, I admit.
I myself workaround this by dropping the whole idea that I'm writing software for others, and I only write it for myself, so if people want it, go to my personal Gitea instance and grab it if you want, I couldn't care less about stars and "publicity" or whatever people nowadays care about. But I'm also lucky enough to already have a network, it might require other's to build their network on GitHub first, then also be able to do something similar, and it'll all work out in the end.
SourceForge was abandoned due to UX issues and the adware debacle; at the same time, GitHub started making changes which made it more viable to use the platform to distribute binary releases.
The deficiencies of GitHub are not critical enough for me to care, and if it ever gets that bad, pushing somewhere else and putting a few "WE HAVE MOVED" links isn't a big deal.
And "the community" isn't moving to Codeberg because Codeberg can't support "the community" without a massive scale up.
I'd say SourceForge was abandoned due to VA Linux going under. I remember the pain/panic as large numbers of OSS projects were suddenly scrambling to find alternatives to SF. I actually started a subscription to GitHub just to try and help ensure they had the money to stay in business, and we didn't have to go thru that again.
People have a superficial knowledge of the space (I think this extends beyond Codeberg) but feel strongly that they need to advocate for something. Codeberg themselves seem to have opinions about what they want to do but people are suggesting they can do more simply because it gives them an outlet.
The constraints that Codeberg set seem to, on the surface at least, ensure they can scale based on their needs and protect them from external threats. Hosting random sites comes with a range of liabilities they probably understand and want to avoid right now. There are EU regulations which can be challenging to handle.
It's worth $50 just this month, according to them, but I don't see anyone else offering the mac runners that account for most of it.
For all the complaints, I test my packages that actually need it across dozens of architecture and OS combinations with a mix of runners, nested virtualization and qemu binfmt, all on their free platform.
It's a shame. The people who control the money successfully committed enshittification against open source.
Of course, that mostly goes for projects big enough to already have an indepedent community.
I'm not trying defend github here. The largest platform could have been anyone who took advantage of the early opportunities in the space, which just happens to be Github. But discoverability is still a nagging problem. I don't think that even a federated system (using activitypub, atproto or whatever else out there) is going to solve that problem. We need a solution that can scour the entire code hosting space like search engines do (but collaboratively, not aggressively like LLM scrapers).
It's helpful to have a github mirror of your "real" repo (or even just a stub pointing to the real repo if you object to github strongly enough that mirroring there is objectionable to you).
One day maybe there will be an aggregator that indexes repos hosted anywhere. But in many ways that will be back to the square one - a single point of failure.
The Fediverse seems to dislike global search. Or is that just a mastodon thing?
[1]: https://huijzer.xyz/posts/55/installing-forgejo-with-a-separ...
[2]: https://huijzer.xyz/posts/55/installing-forgejo-with-a-separ...
I was self hosting gitlab for a long time. But forgejo is an order of magnitude less resource intensive.
It is a single very small go binary. You can use sqlite or postgres. But you can easily run it inside a small docker container on your local machine.
And it is fun to hack on it because it is so open. You build really fun workflows that are blocked by the corporate limits of Github.
Build Nix config into a VM image => Deploy VM to Proxmox via its API => Spin up Docker stack via Komodo
I've also trying to use it to sync my Obsidian vault via git to my phone, altho that flaked out on me recently (if anyone knows a reliable way to use git via the shell on iOS, please let me know).
This on its own makes me pretty bearish on community-driven attempts to oust GitHub, even if ideologically I'm aligned with them: the real cost (both financial and in terms of complexity) of user expectations around source forges in 2026 is immense.
I think the real problem is we were sold all these complex processes that supposedly deliver better results, while in reality for most people and orgs it's just cargo culting, like with Kubernetes, for example. We can get rid of 90% of them and be just fine. You easily get away without any kind of CI in teams of less than 5-7 people I would argue - just have some sane rules and make everyone follow them (like run unit tests before submitting a PR).
Which is actually useful.
and thus you discover the value of CI
Good luck implementing merge queues yourself. As far as I know there are no maintained open source implementations of merge queues. It's definitely not as trivial as you claim.
Why? I know plenty of teams which are fine with repo and CI being separate tools as long as there is integration between the 2.
The whole PR and code review experience is much more important to me. Github is striving to set a high bar, but is also hilariously bad in some ways. Similarly the whole issue system is passable on Github, but doesn't really reach the state of the art of issue systems from 20 years ago
On the other hand Codeberg doesn't let you create private repositories at all. So Copilot could still legally scrape your open source Codeberg repos.
I don't see much of a point for most people. https://docs.codeberg.org/getting-started/faq/ >If you need private repositories for commercial projects (e.g. because you represent a company or are a developer that needs a space to host private freelance projects for your clients), we would highly recommend that you take a look at Forgejo. Forgejo is the Git hosting software that Codeberg runs. It is free software and relatively easy to self-host. Codeberg does not offer private hosting services.
are you sure about that? I'm fairly certain my repos on codeberg are all private but I could be mistaken.
I think Forgejo would work fine for smaller projects and teams. We really wanted to stop having to worry about GitHub going and not being able to do CD as well as get away from a lot of the action zero-days happening.
And yes, it's self-hosted and free! You can run a reference implementation pretty easily with non-production components (i.e. they won't backup or scale well).
Most of my friends who use codeberg are staunch cloudflare-opponents, but cloudflare is what keeps Gitlab alive. Fact of life is that they're being attacked non-stop, and need some sort of DDoS filter.
Codeberg has that anubis thing now I guess? But they still have downtime, and the worst thing ever for me as a developer is having the urge to code and not being able to access my remote. That is what murders the impression of a product like codeberg.
Sorry, just being frank. I want all competitors to large monopolies to succeed, but I also want to be able to do my job/passion.
> the worst thing ever for me as a developer is having the urge to code and not being able to access my remote.
Makes it seem like GitHub/Codeberg has to be online for you to be able to code, is that really the case? If so, how does that happen, you only edit code directly in the GitHub web UI or how does one end up in that situation?
I'm guessing you have SSH access between the two? You could just add it as another remote, via SSH, so you can push/pull directly between the two. This is what I do on my home network to sync configs and other things between various machines and OSes, just do `git remote add other-host git+ssh://user@10.55/~/the-repo-path` or whatever, and you can use it as any remote :)
Bonus tip: you can use local paths as git remote URLs too!
> but more than once I've lost work that way.
Huh, how? If you didn't push it earlier, you could just push it later? Some goes for pull? I don't understand how you could lose anything tracked in git, corruption or what happened?
That's what I do. Control your entire world yourself.
Sure, you might neglect to add a file to your commit, or commit at all, but that's a problem whether you're pushing to a central public git forge or not.
`ssh remote "cd $src/repo ; git diff" | git apply`
(You'll need to season to taste: what to do with staged changes, how to make sure both trees are in the same HEAD, etc)
For how infrequent I interface with Codeberg I have to say that my experience has been pretty terrible when it comes to availability.
So I guess the answer is: the availability is bad enough that even infrequent interactions with it are a problem.
I can understand that work with other active contributors, but I agree with you that it is a daft state of affairs for a solo or mostly-solo project.
Though if you have your repo online even away from the big places, it will get hit by the scrapers and you will end up with admin to do because of that, even if it doesn't block your normal workflow because your main remote is not public.
Even with the best habits, there will be the few times a month where you forgot to push everything up and you’re blocked from work.
Codeberg needs to meet the highest ability levels for it to be viable.
Not really. The point of git was to make Linus' job of collating, reviewing, and merging, work from a disparate team of teams much less arduous. It just happens that many of the patterns needed for that also mean making remote temporarily disconnected remote repositories work well.
--------
[1] He did a lot more than type “help” - he was essentially trying to reverse engineer the product to produce a compatible but more open client that gave access to metadata BitKeeper wanted you to pay to be able to access² which was a problem for many contributors.
[2] you didn't get the fulllest version history on the free variants, this was one of the significant concerns making people discuss alternatives, and in some high profile cases just plain refuse to touch BitKeeper at all
Philosophically I think it's terrible that Cloudflare has become a middleman in a huge and important swath of the internet. As a user, it largely makes my life much worse. It limits my browser, my ability to protect myself via VPNs, etc, and I am just browsing normally, not attacking anything. Pragmatically though, as a webmaster/admin/whatever you want to call it nowadays, Cloudflare is basically a necessity. I've started putting things behind it because if I don't, 99%+ of my traffic is bots, and often bots clearly scanning for vulnerabilities (I run mostly zero PHP sites, yet my traffic logs are often filled with requests like /admin.php and /wp-admin.php and all the wordpress things, and constant crawls from clearly not search engines that download everything and use robots.txt as a guide of what to crawl rather than what not to crawl. I haven't been DDoSed yet, but I've had images and PDFs and things downloaded so many times by these things that it costs me money. For some things where I or my family are the only legitimate users, I can just firewall-cmd all IPs except my own, but even then it's maintenance work I don't want to have to do.
I've tried many of the alternatives, and they often fail even on legitimate usecases. I've been blocked more by the alternatives than I have by Cloudflare, especially that one that does a proof of work. It works about 80% of the time, but that 20% is really, really annoying to the point that when I see that scren pop up I just browse away.
It's really a disheartening state we find ourselves in. I don't think my principles/values have been tested more in the real world than the last few years.
I have website small enough not to attract too many bot, but sometime, something very innocent can bring my website down.
For example, I put a php ical viewer.. and some crawler start loading the calendar page, taking up all the cpu cycle.
Mental note, make sure my robots.txt files contain a few references to slowly returning pages full of almost nonsense that link back to each other endlessly…
Not complete nonsense, that would be reasonably easy to detect and ignore. Perhaps repeats of your other content with every 5th word swapped with a random one from elsewhere in the content, every 4th word randomly misspelt, every seventh word reversed, every seventh sentence reversed, add a random sprinkling of famous names (Sir John Major, Arc de Triomphe, Sarah Jane Smith, Viltvodle VI) that make little sense in context, etc. Not enough change that automatic crap detection sees it as an obvious trap, but more than enough that ingesting data from your site into any model has enough detrimental effect to token weightings to at least undo any beneficial effect it might have had otherwise.
And when setting traps like this, make sure the response is slow enough that it won't use much bandwidth, and the serving process is very lightweight, and just in case that isn't enough make sure it aborts and errors out if any load metric goes above a given level.
A bit like this? ( iocaine is newer)
Is iocaine actually newer though? Its first commit dates to 2025-01, while the blog post is from 2025-03. I couldn't find info on when Cloudflare started theirs. There's also Nepenthes, which had its first release in 2025-01 too.
And pretty much all of them, ByteDance, OpenAI, AWS, Claude, various I couldn't recognize. I basically just had to block all of them to get reasonable performance for a server running on a mini-pc.
I was going to move to codeberg at some point, but they had downtime when I was considering it, I'd rather deal with that myself then.
They generate a URL for every version of every file on every commit and every branch and tag, and if that wasn't enough, n(n+1)/2 git diffs for every file on every commit it has exited on. Even a relatively small git repo with a few hundred files and commit explodes into millions of URLs in the crawl frontier. Server side many of these are very expensive to generate as well so it's really not a fantastic interaction, crawler and git host.
If you run a web crawler, you need to add git host detection to actively avoid walking into them.
From the shape of the traffic it just looks like a poorly implemented web crawler. By default, a crawler that does not take measures to actively avoid git hosts will get stuck there and spend days trying to exhaust the links of even a single repo.
Thank God GitHub is... oh.
The idea that you shouldn't need a code hosting platform because git is decentralized is so out of place that it is genuinely puzzling how often it pops up.
They said they want to be able to rely on their git remote.
The people responding are saying "nah, an unreliable remote is fine because you can use other remotes" which doesn't address their problem. If Codeberg is unreliable, then why use it at all? Especially for CI, issues, and collab?
Maybe a hard blocker if you are pair programming or collaborating every minute. Not really if you just have one hour to program solo.
I think that's the moment when you choose to self host your whatever git wrapper. It really isn't that complicated to do and even allows for some fun (as in cheap and productive) setups where your forge is on your local network or really close to your region and you (maybe) only mirror or backup to a bigger system like Codeberg/GitHub.
In our case, we also use that as an opportunity to mirror OCI/package repositories for dependencies we use in our apps and during development so not only builds are faster but also we don't abuse free web endpoints with our CI/CD requests.
Well, Codeberg doesn't have all the features I did use of Gitlab, but for my own projects I don't really need them either.
Been working on it for months now, it does work, lol.
This was my biggest blocker as well, as there weren't any managed CIs that supported Codeberg until recently.
NixCI[0] recently added support for Codeberg, and I've had a great experience with it. The catch is that you have to write your CI in Nix, though with LLMs, this is actually pretty easy. Most of my CI jobs are just bash scripts with some Nix wiring on top.[1] It also means you can reproduce all your CI jobs locally without changing any code.
[1] https://codeberg.org/mtlynch/little-moments/src/commit/d9856... - for example
I've also been very happy with sourcehut for most of my personal projects for some time. The email patch submission workflow is a tad bit unfamiliar for most, but IMO in today's era raising that barrier to entry is mostly a good thing for OSS projects.
I also strongly prefer a simple CI environment (where you just run commands), which encourages you to actually be able to run your CI commands locally.
For me its providing uptime. Github is barely reaching one nine of availability these days.