No worries! When I checked the repo, I didn’t see any forks, and my Proxmox resource usage looked normal, so I didn’t think anything bad happened. I just got cautious after a Reddit user pointed out that the config I thought was safe wasn’t actually secure.
I hadn’t thought of it that way, but it makes a lot of sense. I was just avoiding committing certain things and only pushing finished work to GitHub.
I also thought this wasn’t an issue anymore, there’s a setting in the Actions settings where you can enable or disable workflows from forked pull requests. But someone on Reddit spooked me a bit about it, so for now, I’ve made the repo private until I’m 100% sure there are no risks. I wanted it public because I was considering using GitHub Issues as a backend for blog comments, but I’ll reevaluate that. Also, thanks for the idea of running a local git server with mirroring to GitHub—I hadn’t considered having two upstreams. That could be a great setup, especially since I’m still in college and trying to build in public for future job opportunities while keeping CI/CD self-hosted.
Basically, I just wanted to tinker and learn. Self-hosting my CI/CD pipeline seemed like an interesting approach, and I wanted to explore how it all works beyond just using GitHub’s free runners.
My main reason was honestly laziness 😅 . I just went with what was quickest to set up. I also hadn’t realiced I could have two upstreams on my repo: one public-facing on GitHub (because I’m still in college and trying to build in public for future job opportunities) and another self-hosted on Gitea or GitLab for CI/CD.
That actually sounds like a great setup, so I’ll definitely look into it now. Thanks for the recommendation!
To be honest, when I set this up and wrote the guide, I wasn't really aware of Forgejo as a distinct option, or at least hadn't looked into it deeply. Gitea came up frequently in my research for lightweight self-hosted Git servers Having had a quick look now that you mention it, while Forgejo definitely looks like a solid project, I'm not immediately seeing any specific features it offers that are essential for my personal use case that Gitea doesn't already cover. Gitea's is meeting my needs perfectly so far. But it's good to know about it, thanks for bringing it up!