docs: add CI/CD pipeline section and update ship's log

README.md

@@ -26,10 +26,10 @@
 
 ## 🌌 SHIP'S LOG
 
-**STARDATE:** 2025.10.26
+**STARDATE:** 2025.11.15
 **LOCATION:** Deep Space, Uncharted Territories
 **STATUS:** Captain currently engaged in... diplomatic relations with alien civilizations
-**SYSTEMS:** All green, automated deployment active
+**SYSTEMS:** All green, automated deployment active, CI/CD pipeline operational
 
 > *"The Falcon doesn't just traverse the stars — it commands them."*
 > — Captain Valknar, moments before jumping to hyperspace
@@ -62,6 +62,9 @@ The **Falcon** is a state-of-the-art containerized starship, powered by Docker's
 | **NETDATA** | *Real-time ship diagnostics & alerts* | [netdata.pivoine.art](https://netdata.pivoine.art) |
 | **PROXY** | *Shield control dashboard* | [proxy.pivoine.art](https://proxy.pivoine.art) |
 | **VPN** | *Cloaking device network* | [vpn.pivoine.art](https://vpn.pivoine.art) |
+| **GITEA** | *Self-hosted Git & CI/CD platform* | [dev.pivoine.art](https://dev.pivoine.art) |
+| **COOLIFY** | *Self-hosted deployment platform* | [coolify.dev.pivoine.art](https://coolify.dev.pivoine.art) |
+| **ASCIINEMA** | *Terminal recording & sharing* | [asciinema.dev.pivoine.art](https://asciinema.dev.pivoine.art) |
 
 ### ⚙️ INFRASTRUCTURE
 
@@ -306,6 +309,101 @@ docker exec restic_app restic -r /repos snapshots
 
 ---
 
+## 🔄 CI/CD PIPELINE (GITEA ACTIONS)
+
+The **SEXY** mission uses an automated build and deployment pipeline powered by Gitea Actions.
+
+### 📦 Container Registry
+
+**Image Source:** `dev.pivoine.art/valknar/sexy:latest`
+**Registry:** Gitea Container Registry (self-hosted)
+
+### ⚙️ Automated Workflow
+
+```bash
+# Workflow triggers on:
+├─ Push to main/develop branches
+├─ Git tags (v*.*.*)
+├─ Pull requests (build only, no push)
+└─ Manual workflow dispatch
+
+# Build process:
+1. Checkout repository
+2. Set up Docker Buildx
+3. Login to Gitea Container Registry
+4. Extract metadata (tags, labels)
+5. Build multi-platform image (linux/amd64)
+6. Push to registry with cache optimization
+7. Generate deployment summary
+```
+
+### 🏷️ Image Tagging Strategy
+
+```yaml
+# Automatic tags:
+- latest              # Main branch builds
+- develop             # Develop branch builds
+- v1.2.3              # Semantic version tags
+- v1.2                # Major.minor tags
+- v1                  # Major version tags
+- main-abc123         # Branch + commit SHA
+```
+
+### 🚀 Auto-Deployment
+
+**Watchtower** monitors the registry and automatically updates containers when new images are pushed:
+
+```bash
+# Check interval: Every 5 minutes
+# Update strategy: Rolling restart
+# Label-based: Only updates containers with watchtower.enable=true
+
+# Manual pull and restart:
+ssh -A root@vps "cd ~/Projects/docker-compose && \
+  docker pull dev.pivoine.art/valknar/sexy:latest && \
+  arty up -d sexy_frontend"
+```
+
+### 🔑 Required Secrets
+
+Configure in Gitea repository settings:
+
+```bash
+# Repository → Settings → Secrets
+REGISTRY_TOKEN=<gitea_access_token_with_package_write_scope>
+```
+
+### 📊 Build Cache
+
+Uses **registry cache** for faster builds:
+
+```bash
+# Cache location:
+dev.pivoine.art/valknar/sexy:buildcache
+
+# Benefits:
+- Reuses Docker layers between builds
+- Significantly faster rebuild times
+- No GitHub Actions cache dependency
+```
+
+### 🛠️ Runner Configuration
+
+**Gitea Runner:** `docker-runner`
+**Labels:** ubuntu-latest, ubuntu-22.04, ubuntu-20.04
+**Images:** catthehacker/ubuntu:act-* (with Docker pre-installed)
+**Privileged Mode:** Enabled for Docker-in-Docker support
+
+```bash
+# View runner status:
+ssh -A root@vps "docker logs dev_gitea_runner"
+
+# Runner restart:
+ssh -A root@vps "cd ~/Projects/docker-compose && arty restart gitea_runner"
+```
+
+---
+
 ## 🌠 SHIP ARCHITECTURE
 
 ```