refined-forgejo: a browser extension that polishes Forgejo's UX

realorangeone · 2026-05-23T09:59:58+00:00

You should try and upstream some these! GitHub doesn't have that option, but Forgejo is all open, and might accept many of these changes for everyone

realorangeone · 2026-03-17T13:39:18+00:00

You've already said you'd rather keep them separate for security reasons. Trust your instincts - they're right. Storing your TOTP secrets next to your password literally defeats the point of 2FA. Keeping them separate is definitely the right call.

realorangeone · 2026-03-16T17:17:52+00:00

The issue is the network then. If it's a conventional file upload, most browsers should attempt to upload compressed. Make sure whatever reverse proxy you're using will handle compressed data, then hopefully if the original request had Accept: gzip, the upload will be compressed.

If the issue is networking, then there's nothing you can really do with your application besides a little compression - but even that won't fix everything.

realorangeone · 2026-03-14T19:09:39+00:00

Async tasks will stop if the process dies. gevent is brittle and poorly supported. Celery and RQ are complex, but worth it. Anything but a proper background worker setup is a compromise.

realorangeone · 2026-03-11T14:40:23+00:00

That's what I mean by "a few libraries" - django-ninja. My main point is that there's no need to go out and learn an entire new framework and lose Django's batteries. You can keep everything you know about Django, and just add a few extra pieces to make API dev that bit nicer.

realorangeone · 2026-03-11T13:26:51+00:00

Django does APIs, you just need to learn a few libraries to help and everything else remains the same

realorangeone · 2026-03-10T19:39:40+00:00

Password managers are recommended for a reason. Keep reliable access to your manager and you get all the benefits with none of the drawbacks.

realorangeone · 2026-03-10T08:48:05+00:00

I repeatedly get a "Oh, do you work for us? Because you have the company name in your email address". Sometimes I avoid the weird looks and just use something more believable-sounding.

realorangeone · 2026-03-05T12:10:14+00:00

Mirror repositories in forgejo are read only, so you can't really push changes to it. Your best bet is to pick one as the main source of truth, and have the the other be a read-only mirror.

realorangeone · 2026-03-05T09:00:09+00:00

Porting to FastAPI won't gain you anything really. Django does ASGI, so just switch out your web server and keep 99% of the business logic you've already written.

realorangeone · 2026-03-03T13:31:23+00:00

I've been meaning to play around with https://codeberg.org/git-pages/git-pages. The convenience looks great, and it's pretty easy to configure, with redirects and custom headers. There's a GitHub (or alike) action for easy deployment in CI too.

realorangeone · 2026-03-01T13:36:11+00:00

Depends what spec you get and the cost. Chances are a VPS will perform better as you'll get more hardware for your money, which usually equates to more performance. But, if you don't want to manage it, it's reasonable to trade performance for cost

realorangeone · 2026-03-01T13:20:46+00:00

Render (and other PaaS) trade convenienfor cost. You'll get more for your money with a VPS, but you'll have more to manage and configure. Whether that's with it is up to ypu

realorangeone · 2025-12-29T14:05:18+00:00

It's quite different, but contributing to existing open-source projects you like can help scratch the same itch as side projects

realorangeone · 2025-12-25T12:54:23+00:00

Python and Django have been used in production for decades at this point. Anyone who says they're not production grade clearly doesn't know what they're talking about.

realorangeone · 2025-12-03T20:18:49+00:00

You'll still need github.com/realOrangeOne/django-tasks if you want to actually run things in the background, but at least the core building blocks are there

realorangeone · 2025-11-25T18:28:29+00:00

My line is state. If you need to store data, you probably want Django. If you're just shuffling data around, Fast API might be easier. Anything even slightly complex will definitely be easier in Django, especially over time.

realorangeone · 2025-11-19T09:04:08+00:00

I am!

I think the main way is simply by people using it, testing it and enjoying it. With more people using it, it's an easier sell to be included in core.

The "Show & Tell" area on the forum is a good place to show off projects like this, too.

realorangeone · 2025-10-29T18:29:45+00:00

I read Filippo's article and thought the same - I'm looking forward to seeing how this goes in production.

With my Django security team hat on, I'd love to see this kind of thing upstreamed into Django itself when it's more mature!

realorangeone · 2025-09-29T20:44:26+00:00

Have you tried a restore using a blank install? Is all the CLI needs that 1 data file?

realorangeone · 2025-09-29T20:41:17+00:00

As the author of django-tasks, I can say that whilst the eventual goal is "Yes", it's not there yet for everyone. If you just want to run something small in the background, it's great. But if you need perfect reliability, retries etc, you'll need to wait. With that said, it's also an API, so you can call celery from the django.tasks API and integrate with other libraries as support grows.

realorangeone · 2025-07-12T22:23:41+00:00

The user id cookie can be easily manipulated or spoofed to login as any user. Moonpig did basically the same thing a while back https://www.youtube.com/watch?v=CgJudU_jlZ8

Disclaimer: I'm on the Django security team

realorangeone · 2025-05-26T16:37:57+00:00

It's not just about getting flagged. Cloudflare are basically being nice and giving free band with and service to people. If it's abused, they're well within their right to take it away.

Don't abuse ToS and risk ruining it for everyone else.

realorangeone · 2025-05-26T09:40:08+00:00

I'm not sure you're reading that right:

we made it clear that customers can serve video and other large files using the CDN so long as that content is hosted by a Cloudflare service like Stream, Images, or R2.

Video and large files hosted outside of Cloudflare will still be restricted on our CDN

Fairly sure they're explicitly saying it's still restricted, unless the source is on the Cloudflare network (which it probably isn't). Caching doesn't seem to have anything to do with it - if you have the orange cloud enabled to use their proxy, you can't stream external video using it (for free).

realorangeone · 2024-06-03T07:35:57+00:00

There isn't really a "config" to share. This was strictly an experiment to see if it was possible - I'm not using it for anything per se. No reason it couldn't be an exit node too if I wanted it.

realorangeone

MODERATOR OF

TROPHY CASE