A Simple Gitweb- Un-Google

Published on January 2, 2026

A 2026 goal of mine is to un-Google- that is more broadly, get rid of my ties to big tech.

I've been investigating a method for sharing source code that doesn't involve such.

Given a remote server, I can use something like gitolite to administer and control access to repositories I would like to share. And I can use gitweb for browser-based access to repositories I would like to make visible in browser.

Here I created a compose file:

version: "3"

services:

  proxy:
    image: docker.io/jwilder/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    environment:
      - TRUST_DOWNSTREAM_PROXY=false
    container_name: nginx-proxy
    volumes:
      - /usr/share/nginx/html:/usr/share/nginx/html:rw
      - /etc/nginx/vhost.d:/etc/nginx/vhost.d:rw
      - /opt/srv/certs:/etc/nginx/certs:rw
      - /run/podman/podman.sock:/tmp/docker.sock:ro
    labels:
      - com.github.nginx-proxy.nginx

  gitweb:
    image: docker.io/mlan/gitweb
    container_name: gitweb-app
    expose:
      - 80
    environment:
      - VIRTUAL_HOST=gitweb.hemminger.haus
      - VIRTUAL_PORT=80
      - LETSENCRYPT_HOST=gitweb.hemminger.haus
      - LETSENCRYPT_EMAIL=<le@moi>
      - PROJECTROOT=/home/git/repositories/
      - PROJECTS_LIST=/home/git/projects.list
    volumes:
      - /home/git/repositories:/home/git/repositories:ro
      - /home/git/projects.list:/home/git/projects.list:ro

  letsencrypt:
    image: docker.io/jrcs/letsencrypt-nginx-proxy-companion
    container_name: nginx-proxy-acme
    environment:
      - NGINX_PROXY_CONTAINER=nginx-proxy
      - DEFAULT_EMAIL=<le@moi>
    volumes:
      - /opt/srv/certs:/etc/nginx/certs:rw
      - /usr/share/nginx/html:/usr/share/nginx/html:rw
      - /etc/nginx/vhost.d:/etc/nginx/vhost.d:rw
      - /run/podman/podman.sock:/var/run/docker.sock:ro
      - /opt/srv/acme:/etc/acme.sh:rw

The containers communicate via docker socket (or podman in this case), so that bringing up the gitweb container triggers an event in the proxy, which is acted upon by the letsencrypt container to submit for an SSL certificate. So, with these 3 containers, I can run gitweb, and get an SSL cert. However, I wonder if I could achieve the same functionality with only two containers? I suspect the proxy container could serve gitweb content. And similarly, the proxy companion container runs a polling process which isn't demanding. It could probably be rolled into one container. On the other hand, the 3 containers split functionality logically as it is now. It's clear that the letsencrypt container handles certs, the proxy container manages events and proxies requests, and gitweb serves web assets. Further, this solution is extensible should I want to extend it and add a container.