How to securely expose gogs to friends?

Today (may 9, 2020) I installed the latest Gogs
on fresh Ubuntu 18.04 OS running on 5th gen i3 processor
I am using SqliteDB

It is not possible to reproduce the bug on try.gogs.io.

I am running it at http://localhost:3000 and it is amazing.

How can I expose my instance of Gogs to my friends?

I read Deploy Gogs in AWS with Let's encrypt but its solution I didn’t understand.

I learned about port forwarding but if I do that I am afraid anyone with my IP could access my Gogs - I want a password authentication in between. A password only my friends know.

How can I achieve that?

Thansk.

If you make Gogs listen on 0.0.0.0, everyone with your public IP can access Gogs directly with IP:PORT, so you would have to make sure to configure Gogs to only listen on localhost or 127.0.0.1.

In addition to have password protection from your choice of web server (NGINX or Caddy), you can make Gogs signin-required and disable self-signup:

(be sure to restart Gogs to take effect)