A. Platform Substrate

The host that runs UIAO — WS2025 + IIS + Gitea + Kerberos + PKI

Published

April 24, 2026

A. Platform Substrate

The concrete infrastructure that hosts UIAO’s governance substrate. Every modernization action — every analysis, plan, and delivery — runs on this host. One Windows Server 2025 machine runs Gitea behind IIS, authenticates against AD and Entra, enrolls in Intune + Azure Arc, and serves the canonical monorepo.

Leaves

  • A.1 Windows Server 2025 base configuration
  • A.2 IIS reverse proxy
  • A.3 Gitea canonical repo host
  • A.4 Kerberos bridge (legacy auth → modern)
  • A.5 Enterprise PKI / ADCS
  • A.6 TLS certificate lifecycle
  • A.7 Backup, replication, DR
  • A.8 Security hardening (CIS, AppLocker, WDAC)

Current pages

  • Platform Server Build Guide — 14-phase canonical runbook (WS2025 + IIS + Gitea + Intune + Arc + OrgTree). Will re-home to this sub-category in Phase 3 of migration.
NoteScaffold

Remaining leaves are authoring backlog. See taxonomy working doc §3 for source-of-truth mapping.

Back to top