# ADR-0001: Current Gitea Docker Compose Architecture

## Status

Accepted.

## Context

Atay Makhzan needs a sovereign Git forge controlled by Saad ibn Zoubayr. The current operational need is reliability, simple maintenance, backups, and controlled upgrades.

## Decision

Run official Gitea in Docker Compose with PostgreSQL, reverse-proxied by Nginx with Certbot TLS.

Current production shape:

- Gitea image pinned to `gitea/gitea:1.26.2`
- PostgreSQL image `postgres:16-alpine`
- Gitea HTTP served locally on port `3001`
- Public HTTPS via Nginx on `ataymakhzan.com`
- Git SSH exposed on port `2222`
- Persistent data mounted under `/opt/gitea`

## Consequences

### Positive

- Simple architecture
- Easy backups
- Easy rollback through Docker image pinning and database dumps
- Low operational burden
- Enough for current private forge needs

### Negative

- Single VPS is a single point of failure
- Scaling and HA are manual future work
- Public customization is limited unless we theme, extend, or fork
- Production safety depends on disciplined backups and upgrade procedure

## Future trigger for revisiting

Revisit this decision if Atay Makhzan needs:

- Multi-node availability
- Custom product features inside the forge
- Organization-wide policy automation not available in Gitea
- Deep UI/UX changes that themes cannot support
- Integrated CI/package registry workflows beyond Gitea's native capabilities