Replace Forgejo with Internal Sztab-Managed Git (Semi-Production Requirement)

Background / Motivation

Sztab is progressing functionally, but is not yet suitable for daily, semi-production use due to its dependency on Forgejo for Git functionality.

Forgejo introduces:

• separate user management
• separate authentication
• additional setup steps
• a split mental model (“Sztab + Git system”)
• product dilution (why use Sztab if Forgejo is still required?)

This issue formalizes the requirement to make Sztab self-contained, straightforward to deploy, and immediately usable as a primary project management system.

This aligns with the goal of positioning Sztab as a OneDev / Forgejo replacement, not a wrapper around them.

Goal

Provide a turnkey Docker Compose deployment of Sztab where:

• Git is an internal subsystem, not an external product
• Creating a Sztab project automatically creates a Git repository
• No separate Git users, authentication, or credentials exist
• The system is usable immediately after startup

Requirements

1. Deployment

• A single docker-compose.yml must deploy all components required for existing functionality.
• No post-deployment configuration of third-party systems is acceptable.
• If the system starts, it must be usable.

2. Internal (Sztab-Managed) Git – Mandatory

2.1 Ownership & Scope

• Git is owned and managed entirely by Sztab.
• Git runs as an internal service, invisible outside the Docker Compose network.
• Git is infrastructure, not a user-facing product.

2.2 Identity & Security Model

• No Git users
• No Git authentication
• No per-user credentials
• Sztab accesses Git without authentication.
• All authorization decisions live in Sztab (roles, project membership, permissions).

2.3 Project Creation Contract

• Creating a Sztab project must automatically create a Git repository.

• Users must never create repositories in a separate system first.

• Default invariant:

  Project == Repository

2.4 Repository Browsing (Minimum Viable)

• Sztab must provide basic repository browsing:
  • list files
  • navigate directories
  • view file contents
• Advanced Git UI features are explicitly out of scope for this issue.

3. External Git Providers – Optional (Out of Scope for Core)

• External Git systems (GitHub, OneDev, GitLab) are integrations, not dependencies.
• Sztab must remain fully usable without them.
• Sztab must not depend on end-user Git credentials.
• Integration (read-only, via service credentials) may be added later.

This issue concerns internal Git only.

4. Explicit Non-Goals

• Embedding Forgejo, OneDev, or similar systems.
• Managing Git users or credentials.
• OAuth / “connect your Git account” flows.
• Organization-level admin permissions on external Git providers.
• Full Git hosting feature parity (issues, wiki, CI, etc.).

Acceptance Criteria

• Sztab can be deployed via Docker Compose with no external Git system.
• Creating a project results in an immediately usable Git repository.
• No Git authentication or user setup is required.
• Basic repository browsing works from within Sztab.
• Forgejo is no longer required for core functionality.

Work Log / Design Reasoning

Initial State

• Forgejo used to satisfy Git introspection requirements.
• Required separate setup, users, and authentication.
• Introduced friction and undermined Sztab’s product identity.

Design Clarifications

• Internal Git must behave like infrastructure (PostgreSQL, Redis).
• Git must not have its own identity or permission model.
• Sztab must be the sole authority for access control.

Key Architectural Decisions

• Separate internal Git (owned, no users) from external Git integrations (optional).
• Auto-creation of repositories applies only to internal Git projects.
• External repo creation is intentionally deferred.

Rationale

• Reduces onboarding friction.
• Eliminates identity duplication.
• Improves usability and product coherence.
• Aligns with expectations of a modern, integrated system.
• Provides a stable base for future integrations.

Notes / Future Work (Not Part of This Issue)

• External Git provider integrations (GitHub App, OneDev service token).
• Optional external repository creation.
• Push/write workflows.
• Advanced Git UI features.

Summary

This issue establishes the foundation for making Sztab practically usable, self-contained, and competitive by replacing Forgejo with an internal, Sztab-managed Git subsystem.

It is a prerequisite for real-world adoption and daily use.