diff --git a/.drone.yml b/.drone.yml
index 868beb0..1dacea8 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -3,14 +3,17 @@ kind: pipeline
 name: deploy to swarm-test.autonomic.zone
 steps:
   - name: deployment
-    image: decentral1se/stack-ssh-deploy:latest
+    image: thecoopcloud/stack-ssh-deploy:latest
     settings:
       host: swarm-test.autonomic.zone
       stack: gitea
+      networks:
+       - proxy
       generate_secrets: true
       purge: true
       deploy_key:
         from_secret: drone_ssh_swarm_test
+      compose: "compose.yml:compose.mariadb.yml"
     environment:
       APP_INI_VERSION: v1
       DOCKER_SETUP_SH_VERSION: v1
@@ -37,11 +40,17 @@ trigger:
     - master
 ---
 kind: pipeline
-name: recipe release
+name: generate recipe catalogue
 steps:
   - name: release a new version
-    image: thecoopcloud/drone-abra:latest
+    image: plugins/downstream
     settings:
-      command: recipe gitea release
-      deploy_key:
-        from_secret: abra_bot_deploy_key
+      server: https://build.coopcloud.tech
+      token:
+        from_secret: drone_abra-bot_token
+      fork: true
+      repositories:
+        - coop-cloud/auto-recipes-catalogue-json
+
+trigger:
+  event: tag
diff --git a/.env.sample b/.env.sample
index 9accacd..e562e4c 100644
--- a/.env.sample
+++ b/.env.sample
@@ -1,7 +1,13 @@
 TYPE=gitea
 
-DOMAIN={{ .Domain }}
+DOMAIN=gitea.example.com
 LETS_ENCRYPT_ENV=production
+COMPOSE_FILE="compose.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
+# COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"
+
+# Enable to use forgejo instead of gitea
+# COMPOSE_FILE="$COMPOSE_FILE:compose.forgejo.yml"
 
 GITEA_DOMAIN=git.example.com
 GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION=true
@@ -27,7 +33,7 @@ SECRET_JWT_SECRET_VERSION=v1 # length=43
 SECRET_SECRET_KEY_VERSION=v1 # length=64
 
 # SMTP Mailer
-# COMPOSE_FILE="compose.yml:compose.smtp.yml"
+# COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
 # GITEA_SMTP_MAILER_ENABLED=1
 # GITEA_MAILER_HOST=mail.gandi.net:465
 # SECRET_SMTP_PASSWORD_VERSION=v1
diff --git a/README.md b/README.md
index 03e24ca..1fb8d6f 100644
--- a/README.md
+++ b/README.md
@@ -19,9 +19,9 @@
 2. Deploy [`coop-cloud/traefik`][cc-traefik]
 3. `abra app new gitea --secrets` (optionally with `--pass` if you'd like
    to save secrets in `pass`)
-4. `abra app YOURAPPDOMAIN config` - be sure to change `$DOMAIN` to something that resolves to
+4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to
    your Docker swarm box
-5. `abra app YOURAPPDOMAIN deploy`
+5. `abra app deploy YOURAPPDOMAIN`
 
 ## Create first user
 
diff --git a/compose.forgejo.yml b/compose.forgejo.yml
new file mode 100644
index 0000000..8aee549
--- /dev/null
+++ b/compose.forgejo.yml
@@ -0,0 +1,5 @@
+version: '3.8'
+
+services:
+  app:
+    image: codeberg.org/forgejo/forgejo:1.18.2-0-rootless
diff --git a/compose.mariadb.yml b/compose.mariadb.yml
new file mode 100644
index 0000000..8be57ec
--- /dev/null
+++ b/compose.mariadb.yml
@@ -0,0 +1,37 @@
+version: '3.8'
+
+services:
+  app:
+    environment:
+      - GITEA_DB_TYPE=mysql
+      - GITEA_DB_HOST="db:3306"
+      - GITEA_DB_NAME=gitea
+      - GITEA_DB_USER=gitea
+  db:
+    image: "mariadb:10.9"
+    command: |
+      mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
+    environment:
+      - MYSQL_DATABASE=gitea
+      - MYSQL_USER=gitea
+      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
+      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
+    secrets:
+      - db_password
+      - db_root_password
+    volumes:
+      - "mariadb:/var/lib/mysql"
+    networks:
+      - internal
+
+secrets:
+  db_password:
+    name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
+    external: true
+  db_root_password:
+    name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
+    external: true
+
+volumes:
+  mariadb:
+  internal:
diff --git a/compose.postgres.yml b/compose.postgres.yml
new file mode 100644
index 0000000..24c681a
--- /dev/null
+++ b/compose.postgres.yml
@@ -0,0 +1,30 @@
+version: '3.8'
+
+services:
+  app:
+    environment:
+      - GITEA_DB_TYPE=postgres
+      - GITEA_DB_HOST="db:5432"
+      - GITEA_DB_NAME=gitea
+      - GITEA_DB_USER=gitea
+  db:
+    image: postgres:9.6
+    environment: 
+      - POSTGRES_DB=gitea
+      - POSTGRES_USER=gitea
+      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
+    secrets:
+      - db_password
+    volumes:
+      - db:/var/lib/postgresql/data
+    networks:
+      - internal
+
+secrets:
+  db_password:
+    name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
+    external: true
+
+volumes:
+  db:
+  internal:
diff --git a/compose.yml b/compose.yml
index a94b4e2..0a3e130 100644
--- a/compose.yml
+++ b/compose.yml
@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: "gitea/gitea:1.17.3-rootless"
+    image: "gitea/gitea:1.18.5-rootless"
     configs:
       - source: app_ini
         target: /etc/gitea/app.ini
@@ -19,10 +19,6 @@ services:
       - GITEA_ALLOW_ONLY_EXTERNAL_REGISTRATION
       - GITEA_APP_NAME
       - GITEA_AUTO_WATCH_NEW_REPOS
-      - GITEA_DB_HOST="db:3306"
-      - GITEA_DB_NAME=gitea
-      - GITEA_DB_TYPE=mysql
-      - GITEA_DB_USER=gitea
       - GITEA_DISABLE_REGISTRATION
       - GITEA_DOMAIN=${DOMAIN}
       - GITEA_ENABLE_NOTIFY_MAIL
@@ -38,6 +34,7 @@ services:
       - GITEA_UPDATE_AVATAR
       - GITEA_ACCOUNT_LINKING
       - GITEA_OAUTH2_CLIENT_ENABLED
+      - GITEA_CORS_ALLOW_DOMAIN
     volumes:
       - data:/var/lib/gitea
       - config:/etc/gitea
@@ -59,24 +56,13 @@ services:
         - "traefik.tcp.routers.${STACK_NAME}-ssh.rule=HostSNI(`*`)"
         - "traefik.tcp.routers.${STACK_NAME}-ssh.entrypoints=gitea-ssh"
         - "traefik.tcp.services.${STACK_NAME}-ssh.loadbalancer.server.port=${GITEA_SSH_PORT}"
-        - coop-cloud.${STACK_NAME}.version=1.3.1+1.17.3-rootless
+        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}_cors"
+        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolallowmethods=GET,OPTIONS,PUT"
+        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolalloworiginlist=https://${GITEA_CORS_ALLOW_DOMAIN}"
+        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.accesscontrolmaxage=100"
+        - "traefik.http.middlewares.${STACK_NAME}_cors.headers.addvaryheader=true"
+        - coop-cloud.${STACK_NAME}.version=2.1.0+1.18.5-rootless
 
-  db:
-    image: "mariadb:10.9"
-    command: |
-      mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
-    environment:
-      - MYSQL_DATABASE=gitea
-      - MYSQL_USER=gitea
-      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
-      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
-    secrets:
-      - db_password
-      - db_root_password
-    volumes:
-      - "mariadb:/var/lib/mysql"
-    networks:
-      - internal
 
 networks:
   internal:
@@ -94,12 +80,6 @@ configs:
     template_driver: golang
 
 secrets:
-  db_password:
-    name: ${STACK_NAME}_db_password_${SECRET_DB_PASSWORD_VERSION}
-    external: true
-  db_root_password:
-    name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
-    external: true
   internal_token:
     name: ${STACK_NAME}_internal_token_${SECRET_INTERNAL_TOKEN_VERSION}
     external: true
@@ -113,4 +93,3 @@ secrets:
 volumes:
   data:
   config:
-  mariadb:
diff --git a/release/2.0.0+1.18.0-rootless b/release/2.0.0+1.18.0-rootless
new file mode 100644
index 0000000..f02d11b
--- /dev/null
+++ b/release/2.0.0+1.18.0-rootless
@@ -0,0 +1,8 @@
+This release adds the possibility to run gitea with postgres.
+Please add the following lines to your servers .env file!
+
+```
+COMPOSE_FILE="compose.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
+# COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"
+```