diff --git a/inventories/group_vars/gitea_servers.yml b/inventories/group_vars/gitea_servers.yml
index 97207ea..c2555b3 100644
--- a/inventories/group_vars/gitea_servers.yml
+++ b/inventories/group_vars/gitea_servers.yml
@@ -1,6 +1,6 @@
 ---
 
-gitea_fqdn: https://git.metaunix.net
+gitea_fqdn: git.metaunix.net
 gitea_http_port: 3000
 gitea_data_dir: /var/lib/gitea
 
@@ -9,8 +9,38 @@ gitea_ssh_port: 22
 gitea_user: git
 gitea_start_ssh: False
 
-gitea_disable_registration: False
+gitea_disable_registration: True
+gitea_show_registration_button: False
 gitea_require_signin: False
 
 gitea_enable_push_create_org: True
 gitea_enable_push_create_user: True
+
+# Nginx reverse proxy config
+nginx_worker_processes: "{{ ansible_processor_vcpus|default(ansible_processor_count) }}"
+nginx_worker_connections: '1024'
+nginx_multi_accept: 'off'
+nginx_remove_default_vhost: True
+nginx_vhosts:
+  - listen: '80 default_server'
+    server_name: 'gitea.int.metaunix.net git.metaunix.net'
+    extra_parameters: |
+      # Proxy settings for Gitea
+      location / {
+        proxy_pass http://127.0.0.1:3000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 30;
+      }
+
+      # Optional: serve /assets directly if needed
+      location /assets/ {
+        proxy_pass http://127.0.0.1:3000/assets/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 30;
+      }
diff --git a/inventories/host_vars/mustafar.yml b/inventories/host_vars/mustafar.yml
index 1e6295d..b79c1b2 100644
--- a/inventories/host_vars/mustafar.yml
+++ b/inventories/host_vars/mustafar.yml
@@ -1,3 +1,4 @@
 ---
 
-gitea_version: 1.25.5
+gitea_version: '1.25.5'
+gitea_root_url: 'https://git.metaunix.net'
diff --git a/playbooks/gitea.yml b/playbooks/gitea.yml
index 75d73a1..3cd37cf 100644
--- a/playbooks/gitea.yml
+++ b/playbooks/gitea.yml
@@ -6,3 +6,10 @@
 
   roles:
     - roles-ansible.gitea
+
+- name: Install Nginx
+  hosts: gitea_servers
+  become: True
+
+  roles:
+    - geerlingguy.nginx
diff --git a/requirements.yml b/requirements.yml
index f6f0945..2bcaecc 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -3,5 +3,7 @@ collections:
   - name: community.general
 
 roles:
+  - src: geerlingguy.nginx
+    version: 3.3.0
   - src: roles-ansible.gitea
     version: v3.6.3