MISSION BRIEF PILOT PM / SOVEREIGN INFRASTRUCTURE

Developer Stack

Your code stays on your infrastructure. Full stop.

GitHub is convenient. It is also Microsoft, subject to US law, training Copilot on your private repositories, and one acquisition away from changing the terms again. Your source code is your most valuable asset. Treat it accordingly.

Is this for you?

→ Your team uses GitHub, GitLab SaaS, or Bitbucket — and someone has asked where your code actually lives → You have IP, client code, or proprietary algorithms that cannot be on US-owned infrastructure → You've hit GitHub Actions billing limits or want CI/CD that runs on your own hardware → You want a dev environment that works the same way on every machine, without fighting Docker Desktop licensing

What this means in practice

Your code never leaves your servers

no Microsoft telemetry, no Copilot training, no CLOUD Act exposure

Unlimited private repositories

no per-seat repository limits, no usage caps

CI/CD on your hardware

no Actions minutes billing, no queues, your runners your rules

One identity for everything

SSO across Git, CI, registry, and every dev tool

What PILOT deploys for you

Private Git Hosting

Gitea or Forgejo on dedicated EU infrastructure. GitHub-compatible API, pull requests, issues, project boards, container registry, package registry. Your team migrates from GitHub in an afternoon — workflows, webhooks, and all.

CI/CD Pipelines

Gitea Actions or Woodpecker CI — GitHub Actions-compatible syntax means existing workflows run with minimal changes. Runners on your infrastructure, no billing per minute, no shared queues slowing you down.

Container & Package Registry

Private Docker registry and package registry integrated with your Git instance. Build once, store privately, deploy anywhere on your stack.

Managed Identity

Authentik or Keycloak as your SSO layer — one login for Git, CI, registry, internal tools, and anything else you add. LDAP, OIDC, SAML. Hardware MFA supported.

Private AI Code Assistant

Ollama running open-weight code models — Codestral, DeepSeek Coder, or similar — as a private GitHub Copilot alternative. Your code never leaves your infrastructure to train anyone's model.

Dev Environments

Consistent, reproducible development environments on private infrastructure. No more "works on my machine" — spin up identical environments for every team member from a single configuration.

Who this is for

→ Software teams where source code is the product — agencies, ISVs, product companies with IP to protect

→ Teams in regulated industries where client code or data-touching systems cannot live on US-owned infrastructure

→ Engineering teams at companies leaving Microsoft — replace Azure DevOps and GitHub with a sovereign alternative

→ Any team that has looked at their GitHub bill and wondered if there's a better way

The stack

Git hosting — Gitea or Forgejo, GitHub-compatible
CI/CD — Gitea Actions or Woodpecker CI
Registry — Gitea built-in container and package registry
Identity — Authentik or Keycloak, SSO + MFA
AI assistant — Ollama + Codestral/DeepSeek Coder
Storage — S3-compatible artifact and LFS storage
Monitoring — TOWER tracks uptime, runner status, and pipeline health

// NERD TALK

Not your thing? Skip to Related missions.

Gitea vs Forgejo — Forgejo is the community fork with non-profit governance and GPL licensing; Gitea has more enterprise features (SAML, advanced audit). We deploy either. For most teams, Forgejo is the safer long-term bet.
GitHub API compatibility — Gitea/Forgejo implement the GitHub REST API. Most tooling that works with GitHub works without modification.
Gitea Actions — GitHub Actions YAML syntax compatible. Runners are standard act-runner containers. Existing workflows migrate with minimal changes.
Resource requirements — Gitea/Forgejo idle at ~400MB RAM. A 2 vCPU / 4GB VM handles 50+ active developers comfortably.
LFS — Git LFS supported. Large binary assets (models, datasets, media) stored in S3-compatible backend.
Code AI — Codestral 22B @ Q4 = ~13GB VRAM. DeepSeek Coder 7B = ~4GB. Continue.dev or compatible LSP extension connects to Ollama endpoint.

Want to build this yourself?

Read the Pilot Book: Developer Infrastructure — self-hosting Gitea/Forgejo, setting up runners, and building a full dev stack on your own infrastructure.

Related missions

AI/ML Stack — private GPU for code AI and inference
Business Stack — if your team needs collaboration tools beyond development
Migration — moving from GitHub, GitLab SaaS, or Azure DevOps

Related services

Infrastructure — the compute layer behind your dev stack
Managed Identity — SSO and access control across your tools
TOWER Monitoring — uptime and pipeline health tracking

Your code built your business. Keep it yours.