A-061 - Gitea (VPS-01)
Purpose
Provide source code management and CI/CD capabilities for the Scheol lab.
Asset Type
- Platform
Description
- Self-hosted Git service deployed on a public VPS (VPS-01)
- Hosts repositories, automation workflows and deployment logic
- Supports CI/CD processes used to manage infrastructure and services
Criticality
- Critical
Sensitivity
- Highly Sensitive
Exposure Level
- Public
Trust Zone
- Heaven
Dependencies
- VPS-01 infrastructure
- Reverse Proxy (A-062)
Relationships
- Interacts with CI/CD runners
- May contain credentials, tokens or deployment configurations
- Supports deployment of public-facing services
Security Position (Architecture Context)
- High-value target due to code, automation and potential secrets
- Exposed to the internet via reverse proxy
- Compromise may lead to supply chain attacks or malicious deployments
Existing Protective Measures
- SSH access restricted (key-based authentication, no root)
- Limited administrative access
- Reverse proxy controls exposure (HTTPS)
Owner / Responsibility
- Development Role (Dev)
Notes
- Currently co-hosted with public services (increased risk)
- Planned separation into dedicated instance