diff --git a/group_vars/gitea.yml b/group_vars/gitea.yml
new file mode 100644
index 0000000..985e033
--- /dev/null
+++ b/group_vars/gitea.yml
@@ -0,0 +1,8 @@
+---
+datadisks:
+  - {size: 10, type: hdd}
+
+firewall_in:
+  - {proto: tcp, port: 22, from: [172.20.20.0/22]}
+  - {proto: tcp, port: 443, from: [172.20.20.0/22]}
+  - {proto: tcp, port: 4949, from: [172.20.20.0/22]}
diff --git a/host_vars/gitea02.home.foo.sh.yml b/host_vars/gitea02.home.foo.sh.yml
new file mode 100644
index 0000000..56bb5fa
--- /dev/null
+++ b/host_vars/gitea02.home.foo.sh.yml
@@ -0,0 +1,6 @@
+---
+vmhost: vmhost02.home.foo.sh
+network_interfaces:
+  - device: eth0
+    vlan: 20
+    mac: 52:54:00:ac:dc:78
diff --git a/hosts.yml b/hosts.yml
index 53bfe1d..92f4e7c 100644
--- a/hosts.yml
+++ b/hosts.yml
@@ -20,6 +20,12 @@ fsolgw:
 git:
   hosts:
     git02.home.foo.sh:
+gitea:
+  hosts:
+    gitea02.home.foo.sh:
+  vars:
+    gitea_version: "1.18.1"
+    gitea_checksum: "sha1:0e117034647fb4a1949a129132de0535c6a7140f"
 homeassistant:
   hosts:
     homeassistant01.home.foo.sh:
@@ -140,6 +146,7 @@ rocky9:
   children:
     adm:
     git:
+    gitea:
     influxdb:
     ldap:
     mirror:
diff --git a/playbooks/gitea.yml b/playbooks/gitea.yml
new file mode 100644
index 0000000..72fec32
--- /dev/null
+++ b/playbooks/gitea.yml
@@ -0,0 +1,28 @@
+---
+- name: Deploy KVM virtual machines
+  ansible.builtin.import_playbook: include/deploy-kvm-guest.yml
+  vars:
+    myhosts: gitea
+
+- name: Configure instance
+  hosts: gitea
+  user: root
+  gather_facts: true
+
+  vars_files:
+    - "{{ ansible_private }}/vars.yml"
+
+  pre_tasks:
+    - name: Mount /export
+      ansible.posix.mount:
+        name: /export
+        src: LABEL=/export
+        fstype: xfs
+        opts: noatime,noexec,nosuid,nodev
+        passno: "0"
+        dump: "0"
+        state: mounted
+
+  roles:
+    - base
+    - gitea