diff --git a/.gitea/workflows/build-and-push.yaml b/.gitea/workflows/build-and-push.yaml
index 595615d..29d24d9 100644
--- a/.gitea/workflows/build-and-push.yaml
+++ b/.gitea/workflows/build-and-push.yaml
@@ -7,6 +7,10 @@ on:
     tags:
       - "v*"
 
+env:
+  # Internal Gitea service URL — bypasses nginx, avoids /v2/ routing issue
+  INTERNAL_REGISTRY: gitea-http.gitea.svc.cluster.local:3000
+
 jobs:
   build-and-push:
     runs-on: orchestration-platform
@@ -17,7 +21,6 @@ jobs:
       - name: Install tools
         run: |
           apk add --no-cache git curl
-          # Install crane for pushing to insecure registries
           curl -sL https://github.com/google/go-containerregistry/releases/latest/download/go-containerregistry_Linux_x86_64.tar.gz | tar -xz -C /usr/local/bin crane
 
       - name: Checkout code
@@ -36,14 +39,12 @@ jobs:
 
       - name: Build image
         run: |
-          REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
-          IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}:${{ steps.meta.outputs.tag }}"
+          IMAGE="${INTERNAL_REGISTRY}/${{ gitea.repository }}:${{ steps.meta.outputs.tag }}"
           docker build -t "${IMAGE}" .
           docker save "${IMAGE}" -o image.tar
 
       - name: Push image
         run: |
-          REGISTRY_HOST=$(echo "${{ gitea.server_url }}" | sed 's|https\?://||')
-          IMAGE="${REGISTRY_HOST}/${{ gitea.repository }}:${{ steps.meta.outputs.tag }}"
-          crane auth login "${REGISTRY_HOST}" -u "${{ gitea.actor }}" -p "${{ secrets.REGISTRY_TOKEN }}" --insecure
-          crane push image.tar "${IMAGE}" --insecure
\ No newline at end of file
+          IMAGE="${INTERNAL_REGISTRY}/${{ gitea.repository }}:${{ steps.meta.outputs.tag }}"
+          crane auth login "${INTERNAL_REGISTRY}" -u "${{ gitea.actor }}" -p "${{ secrets.REGISTRY_TOKEN }}" --insecure
+          crane push image.tar "${IMAGE}" --insecure