chore: bootstrap Atay Makhzan ops repo

This commit is contained in:
2026-06-19 15:35:48 +01:00
commit f6ba9ab02d
14 changed files with 639 additions and 0 deletions
@@ -0,0 +1,49 @@
# ADR-0001: Current Gitea Docker Compose Architecture
## Status
Accepted.
## Context
Atay Makhzan needs a sovereign Git forge controlled by Saad ibn Zoubayr. The current operational need is reliability, simple maintenance, backups, and controlled upgrades.
## Decision
Run official Gitea in Docker Compose with PostgreSQL, reverse-proxied by Nginx with Certbot TLS.
Current production shape:
- Gitea image pinned to `gitea/gitea:1.26.2`
- PostgreSQL image `postgres:16-alpine`
- Gitea HTTP served locally on port `3001`
- Public HTTPS via Nginx on `ataymakhzan.com`
- Git SSH exposed on port `2222`
- Persistent data mounted under `/opt/gitea`
## Consequences
### Positive
- Simple architecture
- Easy backups
- Easy rollback through Docker image pinning and database dumps
- Low operational burden
- Enough for current private forge needs
### Negative
- Single VPS is a single point of failure
- Scaling and HA are manual future work
- Public customization is limited unless we theme, extend, or fork
- Production safety depends on disciplined backups and upgrade procedure
## Future trigger for revisiting
Revisit this decision if Atay Makhzan needs:
- Multi-node availability
- Custom product features inside the forge
- Organization-wide policy automation not available in Gitea
- Deep UI/UX changes that themes cannot support
- Integrated CI/package registry workflows beyond Gitea's native capabilities