fix: configure Gitea with proper domain and HTTPS

- Update domain from gitea.turing.lan to gitea.gilgamezh.me
- Configure Traefik ingress with TLS termination
- Set ROOT_URL to https while keeping internal protocol as http
- Enable Let's Encrypt certificate generation

Gitea is now accessible at https://gitea.gilgamezh.me with proper styling.
CSS 404 errors in dev tools are expected - assets are embedded in binary.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

gitea_values.yaml

@@ -18,17 +18,21 @@ service:
 # Ingress for web access  
 ingress:
   enabled: true
-  className: nginx
+  className: traefik
   pathType: Prefix
   annotations:
-    nginx.ingress.kubernetes.io/proxy-body-size: "0"
     # Restrict to LAN access (matching your existing pattern)
-    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16,10.0.0.0/8,172.16.0.0/12"
+    traefik.ingress.kubernetes.io/whitelist.sourcerange: "192.168.0.0/16,10.0.0.0/8,172.16.0.0/12"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
   hosts:
-    - host: gitea.turing.lan
+    - host: gitea.gilgamezh.me
       paths:
         - path: /
           pathType: Prefix
+  tls:
+    - secretName: gitea-tls
+      hosts:
+        - gitea.gilgamezh.me
 
 # Storage using your NFS setup
 persistence:
@@ -67,16 +71,17 @@ gitea:
   admin:
     username: admin
     password: "gitea-admin-pass"  # Change this!
-    email: "admin@turing.lan"
+    email: "admin@gilgamezh.me"
 
   config:
     APP_NAME: "TuringPi Gitea"
     RUN_MODE: prod
     
     server:
-      DOMAIN: gitea.turing.lan
+      DOMAIN: gitea.gilgamezh.me
-      SSH_DOMAIN: gitea.turing.lan
+      SSH_DOMAIN: gitea.gilgamezh.me
-      ROOT_URL: http://gitea.turing.lan
+      ROOT_URL: https://gitea.gilgamezh.me
+      PROTOCOL: http
       DISABLE_SSH: false
       SSH_PORT: 22
       LFS_START_SERVER: true