Forgejo
Connect Forgejo to Proval with a personal access token and repository webhook.
Connect Forgejo to Proval with a personal access token, the Proval dashboard forms, and a repository webhook.
External network. If Forgejo reaches Proval over the public internet, use
https://(reverse proxy in front of port 7901). Internal LANhttp://is fine for many self-hosted setups.
Prerequisites
- Quick Start completed. Proval is running
- A model provider configured in Proval
- Forgejo can reach Proval on port 7901 (Network)
Step 1: Personal access token
- Profile → Settings → Applications → Generate New Token
- Select
read_apiandwrite_repository
Step 2: Connect in Proval
Forgejo connection
- Dashboard → Git Provider → Add Forgejo connection
- Fill in the form
- Test Connection, then save
Repository
- Repositories → Add repository
- Fill in the form
- Create
Use the same webhook secret in Step 3.
Step 3: Repository webhook
http://<your-server>:7901/webhook/forgejo
Use https:// when TLS terminates before Proval. LAN http:// may require allow internal webhooks.
- Repository → Settings → Webhooks → Add Webhook → Forgejo
- Fill in the form
- Select All events, or Custom events and enable:
- Pull request events → Modification
- Pull request events → Comments
- Issue events → Modification
- Issue events → Comments
Instance admins can add the same webhook for all repositories under Site administration → Default webhooks.
Allow internal HTTP webhooks
When Forgejo and Proval are on a private LAN with plain http://:
- Edit Forgejo
app.ini(no GUI) - Set
ALLOWED_HOST_LISTand restart Forgejo
[webhook]
ALLOWED_HOST_LIST = private,192.168.1.10
Docker Compose:
environment:
- GITEA__webhook__ALLOWED_HOST_LIST=private,192.168.1.10
Troubleshooting
- 401 — secret does not match Proval
- 404 — repository not registered in Proval
- Host not allowed — Allow internal webhooks
- No review — Forgejo cannot reach port 7901, or events not enabled
- Test connection fails — invalid token or missing scopes