Add self-contained Gitea Git service with PostgreSQL integration

- Implements complete Gitea Git service following rick-infra self-contained architecture
- Uses PostgreSQL infrastructure role as dependency and manages own database/user
- Native Arch Linux installation via pacman packages
- Automatic database setup (gitea database and user creation)
- SystemD service with security hardening and proper dependency management
- Caddy reverse proxy integration deployed to sites-enabled directory
- SSH server on port 2222 with automatic host key generation
- Production-ready with LFS support, security headers, and HTTPS via Caddy
- Follows simplified configuration approach with essential variables only
- Self-contained pattern: service manages complete setup independently

roles/gitea/templates/gitea.caddy.j2

@@ -0,0 +1,32 @@
+# Gitea Caddy Configuration - Rick-Infra
+# Generated by Ansible Gitea role
+# Deployed to {{ caddy_sites_enabled_dir }}/gitea.caddy
+
+{{ gitea_full_domain }} {
+    # Reverse proxy to Gitea
+    reverse_proxy 127.0.0.1:{{ gitea_http_port }}
+
+    # Security headers
+    header {
+        # Enable HSTS
+        Strict-Transport-Security max-age=31536000;
+        # Prevent embedding in frames
+        X-Frame-Options DENY
+        # Prevent content type sniffing
+        X-Content-Type-Options nosniff
+        # XSS protection
+        X-XSS-Protection "1; mode=block"
+    }
+
+    # Logging
+    log {
+        output file /var/log/caddy/gitea_access.log
+    }
+
+    # Optional: Custom error pages
+    handle_errors {
+        respond "Git service temporarily unavailable" 503
+    }
+}
+
+# Rick-Infra: Self-contained Gitea service with Caddy reverse proxy