diff --git a/.forgejo/workflows/pull_request.yml b/.forgejo/workflows/pull_request.yml
new file mode 100644
index 0000000..dbe282e
--- /dev/null
+++ b/.forgejo/workflows/pull_request.yml
@@ -0,0 +1,37 @@
+on: [pull_request]
+jobs:
+ ls:
+ runs-on: docker
+ container:
+ image: git.php.fail/lubiana/container/php:8.4.8-ci
+ steps:
+ - name: Manually checkout
+ env:
+ REPO: '${{ github.repository }}'
+ TOKEN: '${{ secrets.GITHUB_TOKEN }}'
+ GIT_SERVER: 'git.hannover.ccc.de'
+ run: |
+ git clone --branch $GITHUB_HEAD_REF https://${TOKEN}@${GIT_SERVER}/${REPO}.git .
+ git fetch
+ git checkout $GITHUB_HEAD_REF
+ - name: composer install
+ env:
+ COMPOSER_CACHE_DIR: /opt/hostedtoolcache/.composer/cache/files
+ run: |
+ mkdir -p ${{ env.COMPOSER_CACHE_DIR }}
+ composer install
+ - name: lint
+ run: composer lint
+ - name: test
+ run: composer test
+ - name: GIT commit and push all changed files
+ env:
+ CI_COMMIT_MESSAGE: Continuous Integration Fixes
+ CI_COMMIT_AUTHOR: Continuous Integration
+ run: |
+ if [[ -n "$(git status -s)" ]]; then
+ git config --global user.name "${{ env.CI_COMMIT_AUTHOR }}"
+ git config --global user.email "gitbot@users.noreply.php.fail"
+ git commit -am "${{ env.CI_COMMIT_MESSAGE }}"
+ git push
+ fi
diff --git a/.forgejo/workflows/push.yml b/.forgejo/workflows/push.yml
new file mode 100644
index 0000000..96d898a
--- /dev/null
+++ b/.forgejo/workflows/push.yml
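Review bot: In `.forgejo/workflows/pull_request.yml` the clone URL `https://${TOKEN}@${GIT_SERVER}/${REPO}.git` leaves the job token in `.git/config` for the rest of the job, and the steps that follow (`composer install`, `composer lint`, `composer test`) execute scripts supplied by the pull-request branch. Anything those scripts run can read the stored credential, and the final step pushes with it; how much the token can do for fork PRs depends on the Forgejo instance settings, so that needs confirming. Consider resetting the remote right after checkout with `git remote set-url origin "https://${GIT_SERVER}/${REPO}.git"` and supplying the token only in the push step, or moving the auto-commit into a separate job. The branch name is contributor-controlled, so quote it: `git clone --branch "$GITHUB_HEAD_REF" …` and `git checkout "$GITHUB_HEAD_REF"`. `push.yml` and `release.yml` use the same token-in-URL clone.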
@@ -0,0 +1,41 @@
+on:
+ push:
+ branches:
+ - 'main'
+jobs:
+ ls:
+ runs-on: docker
+ container:
+ image: git.php.fail/lubiana/container/php:8.4.8-ci
+ steps:
+ - name: Manually checkout
+ env:
+ REPO: '${{ github.repository }}'
+ TOKEN: '${{ secrets.GITHUB_TOKEN }}'
+ BRANCH: '${{ env.GITHUB_REF_NAME }}'
+ GIT_SERVER: 'git.hannover.ccc.de'
+ run: |
+ git clone --branch $GITHUB_REF_NAME https://${TOKEN}@${GIT_SERVER}/${REPO}.git .
+ git fetch
+ git checkout ${{ github.head_ref }}
+ - name: composer install
+ env:
+ COMPOSER_CACHE_DIR: /opt/hostedtoolcache/.composer/cache/files
+ run: |
+ mkdir -p ${{ env.COMPOSER_CACHE_DIR }}
+ composer install
+ - name: lint
+ run: composer lint
+ - name: test
+ run: composer test
+ - name: GIT commit and push all changed files
+ env:
+ CI_COMMIT_MESSAGE: Continuous Integration Fixes
+ CI_COMMIT_AUTHOR: Continuous Integration
+ run: |
+ if [[ -n "$(git status -s)" ]]; then
+ git config --global user.name "${{ env.CI_COMMIT_AUTHOR }}"
+ git config --global user.email "gitbot@users.noreply.php.fail"
+ git commit -am "${{ env.CI_COMMIT_MESSAGE }}"
+ git push
+ fi
diff --git a/.forgejo/workflows/release.yml b/.forgejo/workflows/release.yml
new file mode 100644
index 0000000..a42f7fc
--- /dev/null
+++ b/.forgejo/workflows/release.yml
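Review bot: In `.forgejo/workflows/push.yml`, `git checkout ${{ github.head_ref }}` is expanded into the script text before the shell runs, and `github.head_ref` is normally set only for pull-request events, so on a push to `main` this most likely becomes a bare `git checkout`. Drop the line or write `git checkout "$GITHUB_REF_NAME"`, which keeps the value out of the script text; `release.yml` has the same line. `BRANCH: '${{ env.GITHUB_REF_NAME }}'` is never read by the script and probably resolves to an empty string, so it can go. The last step commits and pushes lint fixes straight to `main` with the job token, which is worth a conscious decision given that `main` is also what gets released.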
@@ -0,0 +1,49 @@
+on:
+ release
+jobs:
+ ls:
+ runs-on: docker
+ container:
+ image: git.php.fail/lubiana/container/php:8.4.8-ci
+ steps:
+ - name: Manually checkout
+ env:
+ REPO: '${{ github.repository }}'
+ TOKEN: '${{ secrets.GITHUB_TOKEN }}'
+ BRANCH: '${{ env.GITHUB_REF_NAME }}'
+ GIT_SERVER: 'hannover.ccc.de/gitlab'
+ run: |
+ git clone --branch $GITHUB_REF_NAME https://${TOKEN}@${GIT_SERVER}/${REPO}.git .
+ git fetch
+ git checkout ${{ github.head_ref }}
+ - name: prepare deploy
+ run: sh ./deploy/prepare-deploy.sh
+ - name: deploy
+ env:
+ HOST: 'web.server.c3h'
+ USERNAME: 'c3h-futtern'
+ TARGETDIR: '/home/c3h-futtern/saufen'
+ HOMEDIR: '/home/c3h-futtern'
+ SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+ run: |
+ mkdir -p ~/.ssh/
+ # Print the SSH key, replacing newline characters with actual new lines
+ echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
+ # Set appropriate permissions for the SSH key
+ chmod 600 ~/.ssh/id_rsa
+ # Add the remote host's key to the known_hosts file to avoid authenticity confirmation
+ ssh-keyscan -H $HOST >> ~/.ssh/known_hosts
+ # stop services
+ ssh ${USERNAME}@${HOST} systemctl --user stop pod-saufen
+ # backup database
+ ssh ${USERNAME}@${HOST} "cp ${HOMEDIR}/saufen/app/var/data.db ${HOMEDIR}/backup/data-saufen.db-$(date +\"%Y%m%d%H%M%S\")"
+ # only keep last 10 backupts
+ ssh ${USERNAME}@${HOST} "find ${HOMEDIR}/backup/ -type f | sort | head -n -10 | xargs rm -f"
+ # SCP files to the remote host
+ rsync -avz --delete deploy/ ${USERNAME}@${HOST}:${TARGETDIR} --exclude=var
+ # run update script
+ ssh ${USERNAME}@${HOST} /home/c3h-futtern/saufen/update.sh
+
+
+
+
diff --git a/deploy/etc/caddy/Caddyfile b/deploy/etc/caddy/Caddyfile
new file mode 100644
index 0000000..7dfd1c4
--- /dev/null
+++ b/deploy/etc/caddy/Caddyfile
@@ -0,0 +1,7 @@
+:8090 {
+ log
+ root * /var/www/html/public
+ php_fastcgi localhost:9001
+ file_server
+ encode zstd gzip
+}
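Review bot: In `.forgejo/workflows/release.yml`, `ssh-keyscan -H $HOST >> ~/.ssh/known_hosts` trusts whatever host key the network returns on each run, so the job never verifies that it is talking to `web.server.c3h` before the key-authenticated `rsync --delete` and the remote `update.sh`. Keep the server's public host key in a variable or secret and write that instead, e.g. `printf '%s\n' "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts` (`SSH_KNOWN_HOSTS` is a placeholder name). The private key is also written before `chmod 600`; running `umask 077` ahead of the `echo` closes that window. Separately, `GIT_SERVER: 'hannover.ccc.de/gitlab'` differs from the `git.hannover.ccc.de` used in the other two workflows and looks like a leftover.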
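Review bot: `deploy/etc/caddy/Caddyfile` listens on `:8090`, but the pod unit added in this same diff publishes only `-p 8087:8087`, so as written the site does not look reachable from outside the pod. Either change the site address to `:8087` or publish 8090 in `pod-saufen.service`. If a reverse proxy elsewhere bridges the two, a comment in the Caddyfile saying so would help.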
diff --git a/deploy/etc/php84/php-fpm.d/www.conf b/deploy/etc/php84/php-fpm.d/www.conf
new file mode 100644
index 0000000..e5a895d
--- /dev/null
+++ b/deploy/etc/php84/php-fpm.d/www.conf
@@ -0,0 +1,13 @@
+[www]
+
+user = root
+group = root
+listen = 9001
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+env[APP_ENV]=$APP_ENV
+env[APP_SECRET]=$APP_SECRET
+catch_workers_output = yes
diff --git a/deploy/local-deploy.sh b/deploy/local-deploy.sh
new file mode 100755
index 0000000..576ed18
--- /dev/null
+++ b/deploy/local-deploy.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env sh
+
+export HOMEDIR='/home/c3h-futtern/'
+
+. ./deploy/prepare-deploy.sh
+ssh leitstelle-futtern 'systemctl --user stop pod-futtern'
+ssh leitstelle-futtern "cp ${HOMEDIR}/saufen/app/var/data.db ${HOMEDIR}/backup/dat-saufena.db-$(date +\"%Y%m%d%H%M%S\")"
+ssh leitstelle-futtern "find ${HOMEDIR}/backup/ -type f | sort | head -n -10 | xargs rm -f"
+rsync -avz --delete deploy/ leitstelle-futtern:saufen --exclude=var
+ssh leitstelle-futtern '/home/c3h-futtern/saufen/update.sh'
diff --git a/deploy/prepare-deploy.sh b/deploy/prepare-deploy.sh
new file mode 100755
index 0000000..b57c20c
--- /dev/null
+++ b/deploy/prepare-deploy.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env sh
+
+TARGETDIR='deploy/app'
+
+if [ -d $TARGETDIR ]; then
+ rm -rf $TARGETDIR
+fi
+mkdir $TARGETDIR
+cd $TARGETDIR || return
+
+pathsToCopy="assets public bin config migrations src templates composer.json composer.lock symfony.lock .env importmap.php"
+
+for path in $pathsToCopy
+do
+ cp -r ../../"$path" ./
+done
+
+APP_ENV=prod composer install --no-dev -a
+rm -rf ./var/cache
+
+cd -
+
diff --git a/deploy/systemd/container-saufen-caddy.service b/deploy/systemd/container-saufen-caddy.service
new file mode 100644
index 0000000..1d421a1
--- /dev/null
+++ b/deploy/systemd/container-saufen-caddy.service
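Review bot: `user = root` and `group = root` in `deploy/etc/php84/php-fpm.d/www.conf` make the FPM workers that execute application code run as root inside the container. Rootless Podman maps that to the unprivileged host user, which limits the impact, but a dedicated non-root pool user is the safer default; PHP-FPM normally refuses root workers unless started with `--allow-to-run-as-root`, so the image presumably opts in. `listen = 9001` also binds every interface, and since Caddy reaches it at `localhost:9001` inside the shared pod network namespace, `listen = 127.0.0.1:9001` is sufficient.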
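Review bot: `deploy/local-deploy.sh` stops `pod-futtern` rather than `pod-saufen`, so `data.db` is copied while the saufen pod may still be writing to it and an unrelated service is taken down; the release workflow stops `pod-saufen` at the same point. The backup name `dat-saufena.db-…` also differs from the workflow's `data-saufen.db-…` and is probably a typo. Suggested: `ssh leitstelle-futtern 'systemctl --user stop pod-saufen'` and `${HOMEDIR}/backup/data-saufen.db-$(date …)`. `HOMEDIR` ends in `/`, so the built paths contain `//`; harmless, but dropping the trailing slash matches `release.yml`.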
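Review bot: `deploy/prepare-deploy.sh` has no error handling after the `cd`: if a `cp -r` or `composer install --no-dev -a` fails, the script still finishes and both callers go on to `rsync --delete` an incomplete tree onto the server. Add `set -eu` near the top; it will also apply to `local-deploy.sh`, which sources this file, and that seems desirable for a deploy. `cd $TARGETDIR || return` is only well defined when the file is sourced, while `release.yml` runs it with `sh`, where a top-level `return` is shell-dependent, so `cd "$TARGETDIR" || exit 1` is the safer spelling.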
@@ -0,0 +1,43 @@
+# container-futtern-caddy.service
+# autogenerated by Podman 4.3.1
+# Sun Jun 23 05:33:51 UTC 2024
+
+[Unit]
+Description=Podman container-futtern-caddy.service
+Documentation=man:podman-generate-systemd(1)
+Wants=network-online.target
+After=network-online.target
+RequiresMountsFor=%t/containers
+BindsTo=pod-saufen.service
+After=pod-saufen.service
+
+[Service]
+Environment=PODMAN_SYSTEMD_UNIT=%n
+Restart=on-failure
+TimeoutStopSec=70
+ExecStartPre=/bin/rm \
+ -f %t/%n.ctr-id
+ExecStart=/usr/bin/podman run \
+ --cidfile=%t/%n.ctr-id \
+ --cgroups=no-conmon \
+ --rm \
+ --pod-id-file %t/pod-futtern.pod-id \
+ --sdnotify=conmon \
+ --replace \
+ -d \
+ --name futtern-caddy \
+ --volume %h/saufen/etc/caddy/Caddyfile:/etc/caddy/Caddyfile \
+ --volume %h/saufen/app:/var/www/html \
+ --volume caddy_data:/data docker.io/caddy/caddy:alpine
+ExecStop=/usr/bin/podman stop \
+ --ignore -t 10 \
+ --cidfile=%t/%n.ctr-id
+ExecStopPost=/usr/bin/podman rm \
+ -f \
+ --ignore -t 10 \
+ --cidfile=%t/%n.ctr-id
+Type=notify
+NotifyAccess=all
+
+[Install]
+WantedBy=default.target
diff --git a/deploy/systemd/container-saufen-php.service b/deploy/systemd/container-saufen-php.service
new file mode 100644
index 0000000..8701c04
--- /dev/null
+++ b/deploy/systemd/container-saufen-php.service
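Review bot: The three unit files under `deploy/systemd/` are named `*-saufen*`, but their contents still mostly say `futtern`, and the mix looks unintended. In `container-saufen-caddy.service`, `BindsTo=pod-saufen.service` sits next to `--pod-id-file %t/pod-futtern.pod-id` and `--name futtern-caddy`; `container-saufen-php.service` binds to `pod-futtern.service` and mounts `%h/futtern/app`; `pod-saufen.service` creates `--name futtern` with `--replace` and wants `container-futtern-*.service`. If a futtern pod already runs under this user, starting these units would replace it instead of running beside it, and `update.sh` execs into `saufen-php`, which none of the units create. Rename the pod, containers, pid and pod-id files and volume paths to `saufen` consistently. Since the pod carries `io.containers.autoupdate=registry`, pinning `docker.io/caddy/caddy:alpine` to a version or digest is also worth considering.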
@@ -0,0 +1,46 @@
+# container-futtern-php.service
+# autogenerated by Podman 4.3.1
+# Sun Jun 23 05:33:51 UTC 2024
+
+[Unit]
+Description=Podman container-futtern-php.service
+Documentation=man:podman-generate-systemd(1)
+Wants=network-online.target
+After=network-online.target
+RequiresMountsFor=%t/containers
+BindsTo=pod-futtern.service
+After=pod-futtern.service
+
+[Service]
+Environment=PODMAN_SYSTEMD_UNIT=%n
+Restart=on-failure
+TimeoutStopSec=70
+ExecStartPre=/bin/rm \
+ -f %t/%n.ctr-id
+ExecStart=/usr/bin/podman run \
+ --cidfile=%t/%n.ctr-id \
+ --cgroups=no-conmon \
+ --rm \
+ --pod-id-file %t/pod-futtern.pod-id \
+ --sdnotify=conmon \
+ --replace \
+ -d \
+ --name futtern-php \
+ --volume %h/futtern/etc/php84/php-fpm.d/www.conf:/etc/php84/php-fpm.d/www.conf \
+ --volume %h/futtern/app:/var/www/html \
+ --volume %h/futtern/app/var:/var/www/html/var \
+ --env APP_ENV=prod \
+ --env APP_SECRET=UwUtHiSisNotSecurePlZcHanGeMe \
+ git.php.fail/lubiana/container/php:8.4-fpm
+ExecStop=/usr/bin/podman stop \
+ --ignore -t 10 \
+ --cidfile=%t/%n.ctr-id
+ExecStopPost=/usr/bin/podman rm \
+ -f \
+ --ignore -t 10 \
+ --cidfile=%t/%n.ctr-id
+Type=notify
+NotifyAccess=all
+
+[Install]
+WantedBy=default.target
diff --git a/deploy/systemd/pod-saufen.service b/deploy/systemd/pod-saufen.service
new file mode 100644
index 0000000..10a8fb0
--- /dev/null
+++ b/deploy/systemd/pod-saufen.service
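Review bot: `--env APP_SECRET=UwUtHiSisNotSecurePlZcHanGeMe` in `container-saufen-php.service` commits the application secret to the repository, and the release workflow rsyncs the `deploy/` tree containing this unit to the server unchanged. Symfony uses `APP_SECRET` for signing (CSRF tokens, remember-me cookies, signed URLs), so a value anyone can read in the repo weakens those protections if it reaches production. Load it from a file that exists only on the host instead, e.g. `EnvironmentFile=%h/saufen.env` in `[Service]` together with a bare `--env APP_SECRET` pass-through, or Podman's `--env-file`; the file path is a placeholder. The value that is already in history should be treated as burned and replaced.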
@@ -0,0 +1,42 @@
+# pod-futtern.service
+# autogenerated by Podman 4.3.1
+# Sun Jun 23 05:33:51 UTC 2024
+
+[Unit]
+Description=Podman pod-futtern.service
+Documentation=man:podman-generate-systemd(1)
+Wants=network-online.target
+After=network-online.target
+RequiresMountsFor=/run/user/%U/containers
+Wants=container-futtern-caddy.service container-futtern-php.service
+Before=container-futtern-caddy.service container-futtern-php.service
+
+[Service]
+Environment=PODMAN_SYSTEMD_UNIT=%n
+Restart=on-failure
+TimeoutStopSec=70
+ExecStartPre=/bin/rm \
+ -f %t/pod-futtern.pid %t/pod-futtern.pod-id
+ExecStartPre=/usr/bin/podman pod create \
+ --infra-conmon-pidfile %t/pod-futtern.pid \
+ --pod-id-file %t/pod-futtern.pod-id \
+ --exit-policy=stop \
+ --label io.containers.autoupdate=registry \
+ --name futtern \
+ -p 8087:8087 \
+ --replace
+ExecStart=/usr/bin/podman pod start \
+ --pod-id-file %t/pod-futtern.pod-id
+ExecStop=/usr/bin/podman pod stop \
+ --ignore \
+ --pod-id-file %t/pod-futtern.pod-id \
+ -t 10
+ExecStopPost=/usr/bin/podman pod rm \
+ --ignore \
+ -f \
+ --pod-id-file %t/pod-futtern.pod-id
+PIDFile=%t/pod-futtern.pid
+Type=forking
+
+[Install]
+WantedBy=default.target
diff --git a/deploy/update.sh b/deploy/update.sh
new file mode 100755
index 0000000..a03c457
--- /dev/null
+++ b/deploy/update.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env sh
+
+systemctl --user stop pod-saufen
+systemctl --user start pod-saufen
+sleep 2
+podman exec -it saufen-php /var/www/html/bin/console cache:clear
+podman exec -it saufen-php /var/www/html/bin/console cache:warmup
+echo 'yes' | podman exec -it saufen-php /var/www/html/bin/console doctrine:migrations:migrate
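Review bot: `deploy/update.sh` runs `podman exec -it …` from a non-interactive SSH session and answers the migration prompt with `echo 'yes' |`; requesting a TTY there is unnecessary and may fail or interfere with the piped input. Drop `-it` and use the console's own switch: `podman exec saufen-php /var/www/html/bin/console doctrine:migrations:migrate --no-interaction`. The fixed `sleep 2` is a guess at container start-up time, and without `set -e` a failed `cache:clear` still proceeds to the schema migration on the live database. The units in this diff name the container `futtern-php`, so `saufen-php` may not exist when this runs.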