diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index 4957ae1..2c6bcda 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -85,6 +85,9 @@ harbor_admin_password: 20Dino00
 ferchau_sftp_user: dkeipp
 ferchau_sftp_password: HISTORY_PURGED_SECRET
 
+gitea_postgres_pw: HISTORY_PURGED_SECRET
+gitea_runner_registration_token: HISTORY_PURGED_SECRET
+
 keycloak_clients:
     python-flask-picture-factory:
         party_secret : "HISTORY_PURGED_SECRET"
@@ -321,3 +324,15 @@ keycloak_clients:
         keycloak_id: "00000000-0000-0000-0000-000000000019"
         groups: ""
         master_address: "https://i.athq.de"
+
+    gitea:
+        party_secret: "SHISTORY_PURGED_SECRET"
+        client_id: gitea
+        client_secret: "HISTORY_PURGED_SECRET"
+        redirect_uris:
+            - "https://git.atlantishq.de/*"
+            - "https://git.athq.de/*"
+        description: "Gitea"
+        keycloak_id: "00000000-0000-0000-0000-000000000020"
+        groups: ""
+        master_address: "https://git.atlantishq.de"
diff --git a/roles/docker-deployments/tasks/main.yaml b/roles/docker-deployments/tasks/main.yaml
index 8204e52..6151e90 100644
--- a/roles/docker-deployments/tasks/main.yaml
+++ b/roles/docker-deployments/tasks/main.yaml
@@ -66,6 +66,8 @@
     - code-server
     - nginx-media-cdn
     - immich
+    - gitea
+    - gitea-runner
 
 - name: Copy AtlantisHub config
   copy:
@@ -120,6 +122,8 @@
     - serienampel
     - nginx-media-cdn
     - immich
+    - gitea
+    - gitea-runner
 
 - name: Copy compose templates
   template:
@@ -148,6 +152,8 @@
     - serienampel
     - nginx-media-cdn
     - immich
+    - gitea
+    - gitea-runner
 
 - name: create sites-enabled dir
   file:
@@ -208,6 +214,8 @@
     - serienampel
     - nginx-media-cdn
     - immich
+    - gitea
+    - gitea-runner
 
 - name: OAuth2Proxy directories
   file:
diff --git a/roles/docker-deployments/templates/gitea-runner.yaml b/roles/docker-deployments/templates/gitea-runner.yaml
new file mode 100644
index 0000000..5720759
--- /dev/null
+++ b/roles/docker-deployments/templates/gitea-runner.yaml
@@ -0,0 +1,14 @@
+version: "3.8"
+services:
+  runner:
+    image: gitea/act_runner:nightly
+    environment:
+      CONFIG_FILE: /config.yaml
+      GITEA_INSTANCE_URL: "https://git.athq.de"
+      GITEA_RUNNER_REGISTRATION_TOKEN: "{{ gitea_runner_registration_token }}"
+      GITEA_RUNNER_NAME: "atlantis-runner"
+      GITEA_RUNNER_LABELS: "ubuntu-latest,atlantis"
+    volumes:
+      - /data/gitea-runner/config.yaml:/config.yaml
+      - /data/gitea-runner/data:/data
+      - /var/run/docker.sock:/var/run/docker.sock
diff --git a/roles/docker-deployments/templates/gitea.yaml b/roles/docker-deployments/templates/gitea.yaml
new file mode 100644
index 0000000..dc373e5
--- /dev/null
+++ b/roles/docker-deployments/templates/gitea.yaml
@@ -0,0 +1,40 @@
+version: "3"
+
+networks:
+  gitea:
+    external: false
+
+services:
+  gitea-server:
+    image: gitea/gitea:latest
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+      - GITEA__database__DB_TYPE=postgres
+      - GITEA__database__HOST=db:5432
+      - GITEA__database__NAME=gitea
+      - GITEA__database__USER=gitea
+      - GITEA__database__PASSWD={{ gitea_postgres_pw }}
+    restart: always
+    networks:
+      - gitea
+    volumes:
+      - /data/gitea/data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "5024:3000"
+      - "222:22"
+    depends_on:
+       - db
+  db:
+    image: postgres:14
+    restart: always
+    environment:
+      - POSTGRES_USER=gitea
+      - POSTGRES_PASSWORD={{ gitea_postgres_pw }}
+      - POSTGRES_DB=gitea
+    networks:
+      - gitea
+    volumes:
+      - /data/gitea/pg-data:/var/lib/postgresql/data