50 lines
1.4 KiB
Markdown
50 lines
1.4 KiB
Markdown
# ADR-0001: Current Gitea Docker Compose Architecture
|
|
|
|
## Status
|
|
|
|
Accepted.
|
|
|
|
## Context
|
|
|
|
Atay Makhzan needs a sovereign Git forge controlled by Saad ibn Zoubayr. The current operational need is reliability, simple maintenance, backups, and controlled upgrades.
|
|
|
|
## Decision
|
|
|
|
Run official Gitea in Docker Compose with PostgreSQL, reverse-proxied by Nginx with Certbot TLS.
|
|
|
|
Current production shape:
|
|
|
|
- Gitea image pinned to `gitea/gitea:1.26.2`
|
|
- PostgreSQL image `postgres:16-alpine`
|
|
- Gitea HTTP served locally on port `3001`
|
|
- Public HTTPS via Nginx on `ataymakhzan.com`
|
|
- Git SSH exposed on port `2222`
|
|
- Persistent data mounted under `/opt/gitea`
|
|
|
|
## Consequences
|
|
|
|
### Positive
|
|
|
|
- Simple architecture
|
|
- Easy backups
|
|
- Easy rollback through Docker image pinning and database dumps
|
|
- Low operational burden
|
|
- Enough for current private forge needs
|
|
|
|
### Negative
|
|
|
|
- Single VPS is a single point of failure
|
|
- Scaling and HA are manual future work
|
|
- Public customization is limited unless we theme, extend, or fork
|
|
- Production safety depends on disciplined backups and upgrade procedure
|
|
|
|
## Future trigger for revisiting
|
|
|
|
Revisit this decision if Atay Makhzan needs:
|
|
|
|
- Multi-node availability
|
|
- Custom product features inside the forge
|
|
- Organization-wide policy automation not available in Gitea
|
|
- Deep UI/UX changes that themes cannot support
|
|
- Integrated CI/package registry workflows beyond Gitea's native capabilities
|