Restores the newer local gitea-values.sops.yaml (2026-03-27) over the
upstream scaffold (2026-03-10). Adds database, cache, session, and queue
sections pointing to external PostgreSQL/Valkey (S3 platform services),
and disables bundled postgresql/redis/valkey sub-charts.
Also adds .sops.yaml encryption policy for railiance-apps.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Receive gitea-values.sops.yaml from railiance-cluster — S5 now
owns the Gitea deployment lifecycle per ADR-003 boundary rules.
Add gitea-deploy and gitea-status Makefile targets. Update
SCOPE.md to reflect boundary violation resolved.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PGPool default 250m CPU request was causing scheduling failures on the
single-node COULOMBCORE cluster (2 vCPU, 98% allocated). Reduced to
100m request / 200m limit — safe for a lightweight connection pooler.
See INC-001: the-custodian/ops/incidents/2026-03-25-gitea-pgpool-crashloop.md
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
