diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
new file mode 100644
index 0000000..fbf9c43
--- /dev/null
+++ b/.gitea/workflows/deploy.yml
@@ -0,0 +1,50 @@
+name: Deploy Hugo Site
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: ubuntu-24.04
+    container:
+      image: klakegg/hugo:ext-alpine
+    
+    env:
+      http_proxy: http://172.16.10.93:3128
+      https_proxy: http://172.16.10.93:3128
+      no_proxy: localhost,127.0.0.1,webserver.hahmann-trier.local
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Tools installieren
+        run: |
+          apk add --no-cache rsync openssh-client
+
+      - name: Hugo Build
+        run: hugo --minify
+
+      - name: SSH vorbereiten
+        run: |
+          # Verzeichnis sicher erstellen
+          mkdir -p /root/.ssh
+          chmod 700 /root/.ssh
+          
+          # Key schreiben und sicherstellen, dass er mit einer neuen Zeile endet
+          echo "${{ secrets.DEPLOY_SSH_KEY }}" > /root/.ssh/id_ed25519
+          chmod 600 /root/.ssh/id_ed25519
+          
+          # Known Hosts schreiben
+          echo "${{ secrets.KNOWN_HOSTS }}" > /root/.ssh/known_hosts
+          chmod 644 /root/.ssh/known_hosts
+
+      - name: Deploy via rsync
+        run: |
+          # Wir nutzen den absoluten Pfad zum Key /root/.ssh/id_ed25519
+          rsync -avz --delete \
+            -e "ssh -i /root/.ssh/id_ed25519 -o StrictHostKeyChecking=accept-new" \
+            public/ \
+            gitea-deploy@webserver.hahmann-trier.local:/var/www/www-rackaris-de
\ No newline at end of file