From 3e7c7ccff3e12ae6b1385d1343212b96b8a7b16d Mon Sep 17 00:00:00 2001
From: sanasol <mail@sanasol.ws>
Date: Fri, 20 Feb 2026 01:33:21 +0100
Subject: [PATCH] fix: use domain for API calls, direct IP only for file
 uploads

Cloudflare runners can't reach direct IP. Split into two env vars:
- FORGEJO_API (domain) for release creation and ID lookups
- FORGEJO_UPLOAD (direct IP) for large file uploads >100MB

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .github/workflows/release.yml | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e78941a..50630a1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,8 +7,10 @@ on:
   workflow_dispatch:
 
 env:
-  # Upload via direct IP to bypass Cloudflare 100MB upload limit
-  FORGEJO_API: https://208.69.78.130/api/v1
+  # Domain for small API calls (goes through Cloudflare - fine for <100MB)
+  FORGEJO_API: https://git.sanhost.net/api/v1
+  # Direct IP for large file uploads to bypass Cloudflare 100MB limit
+  FORGEJO_UPLOAD: https://208.69.78.130/api/v1
 
 jobs:
   create-release:
@@ -17,7 +19,7 @@ jobs:
       - uses: actions/checkout@v4
       - name: Create Draft Release
         run: |
-          curl -sk -X POST "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases" \
+          curl -s -X POST "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases" \
             -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
             -H "Content-Type: application/json" \
             -d "{\"tag_name\":\"${{ github.ref_name }}\",\"name\":\"${{ github.ref_name }}\",\"body\":\"Release ${{ github.ref_name }}\",\"draft\":true,\"prerelease\":false}" \
@@ -52,12 +54,12 @@ jobs:
 
       - name: Upload to Release
         run: |
-          RELEASE_ID=$(curl -sk "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/tags/${{ github.ref_name }}" \
+          RELEASE_ID=$(curl -s "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/tags/${{ github.ref_name }}" \
             -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" | python3 -c 'import sys,json; print(json.load(sys.stdin)["id"])')
           for file in dist/*.exe dist/*.exe.blockmap dist/latest.yml; do
             [ -f "$file" ] || continue
             echo "Uploading $file..."
-            curl -sk -X POST "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)" \
+            curl -sk -X POST "${FORGEJO_UPLOAD}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)" \
               -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
               -F "attachment=@${file}" || echo "Failed to upload $file"
           done
@@ -83,12 +85,12 @@ jobs:
 
       - name: Upload to Release
         run: |
-          RELEASE_ID=$(curl -sk "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/tags/${{ github.ref_name }}" \
+          RELEASE_ID=$(curl -s "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/tags/${{ github.ref_name }}" \
             -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" | python3 -c 'import sys,json; print(json.load(sys.stdin)["id"])')
           for file in dist/*.dmg dist/*.zip dist/*.blockmap dist/latest-mac.yml; do
             [ -f "$file" ] || continue
             echo "Uploading $file..."
-            curl -sk -X POST "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)" \
+            curl -sk -X POST "${FORGEJO_UPLOAD}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)" \
               -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
               -F "attachment=@${file}" || echo "Failed to upload $file"
           done
@@ -113,12 +115,12 @@ jobs:
 
       - name: Upload to Release
         run: |
-          RELEASE_ID=$(curl -sk "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/tags/${{ github.ref_name }}" \
+          RELEASE_ID=$(curl -s "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/tags/${{ github.ref_name }}" \
             -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" | python3 -c 'import sys,json; print(json.load(sys.stdin)["id"])')
           for file in dist/*.AppImage dist/*.AppImage.blockmap dist/*.deb dist/*.rpm dist/latest-linux.yml; do
             [ -f "$file" ] || continue
             echo "Uploading $file..."
-            curl -sk -X POST "${FORGEJO_API}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)" \
+            curl -sk -X POST "${FORGEJO_UPLOAD}/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename $file)" \
               -H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
               -F "attachment=@${file}" || echo "Failed to upload $file"
           done