docs: add ADR index workflow, standardize all ADR formats

- Add Gitea Action to auto-update README badges and ADR table on push
- Standardize 8 ADRs from heading-style to inline metadata format
- Add shields.io badges for ADR counts (total/accepted/proposed)
- Replace static directory listing with linked ADR table in README
- Accept ADR-0030 (MFA/YubiKey strategy)

decisions/0014-docker-build-best-practices.md

@@ -1,12 +1,9 @@
-# ADR-0014: Docker Build Best Practices
+# Docker Build Best Practices
 
-## Status
-
-Accepted
-
-## Date
-
-2026-02-02
+* Status: accepted
+* Date: 2026-02-02
+* Deciders: Billy
+* Technical Story: Standardize container build practices for GPU-heavy ML images
 
 ## Context
 

decisions/0015-ci-notifications-and-semantic-versioning.md

@@ -1,12 +1,9 @@
-# ADR-0015: CI Notifications and Semantic Versioning
+# CI Notifications and Semantic Versioning
 
-## Status
-
-Accepted
-
-## Date
-
-2026-02-02
+* Status: accepted
+* Date: 2026-02-02
+* Deciders: Billy
+* Technical Story: Add pipeline notifications and automated versioning to Gitea Actions CI
 
 ## Context
 

decisions/0019-handler-deployment-strategy.md

@@ -1,12 +1,9 @@
-# ADR-0019: Python Module Deployment Strategy
+# Python Module Deployment Strategy
 
-## Status
-
-Accepted
-
-## Date
-
-2026-02-02
+* Status: accepted
+* Date: 2026-02-02
+* Deciders: Billy
+* Technical Story: Define how Python handler modules are packaged and deployed to Kubernetes
 
 ## Context
 

decisions/0020-internal-registry-for-cicd.md

@@ -1,12 +1,9 @@
-# ADR-0020: Internal Registry URLs for CI/CD
+# Internal Registry URLs for CI/CD
 
-## Status
-
-Accepted
-
-## Date
-
-2026-02-02
+* Status: accepted
+* Date: 2026-02-02
+* Deciders: Billy
+* Technical Story: Bypass Cloudflare 100MB limit by using internal registry endpoints for CI pushes
 
 ## Context
 

decisions/0021-notification-architecture.md

@@ -1,8 +1,9 @@
-# ADR-0021: Notification Architecture
+# Notification Architecture
 
-## Status
-
-Accepted
+* Status: accepted
+* Date: 2026-02-04
+* Deciders: Billy
+* Technical Story: Unify notification delivery across CI, alerting, and monitoring systems
 
 ## Context
 

decisions/0022-ntfy-discord-bridge.md

@@ -1,8 +1,9 @@
-# ADR-0022: ntfy-Discord Bridge Service
+# ntfy-Discord Bridge Service
 
-## Status
-
-Accepted
+* Status: accepted
+* Date: 2026-02-04
+* Deciders: Billy
+* Technical Story: Forward ntfy notifications to Discord webhooks with proper embed formatting
 
 ## Context
 

decisions/0023-valkey-ml-caching.md

@@ -1,8 +1,9 @@
-# ADR-0023: Valkey for ML Inference Caching
+# Valkey for ML Inference Caching
 
-## Status
-
-Accepted
+* Status: accepted
+* Date: 2026-02-04
+* Deciders: Billy
+* Technical Story: Consolidate and configure Valkey for ML caching use cases
 
 ## Context
 

decisions/0024-ray-repository-structure.md

@@ -1,12 +1,9 @@
-# ADR-0024: Ray Repository Structure
+# Ray Repository Structure
 
-## Status
-
-Accepted
-
-## Date
-
-2026-02-03
+* Status: accepted
+* Date: 2026-02-03
+* Deciders: Billy
+* Technical Story: Document repository layout for Ray Serve and KubeRay image components
 
 ## Context
 

decisions/0030-mfa-yubikey-strategy.md

@@ -1,6 +1,6 @@
 # MFA and Yubikey Strategy
 
-* Status: proposed
+* Status: accepted
 * Date: 2026-02-04
 * Deciders: Billy
 * Technical Story: Enable hardware security key (Yubikey) authentication across homelab applications
@@ -52,7 +52,7 @@ WebAuthn provides the best security (phishing-resistant) and user experience (to
 
 | Application | WebAuthn Support | Current Status | Action Required |
 |-------------|------------------|----------------|-----------------|
-| Authentik | ✅ Native | ⚠️ In Progress | Configure enforcement policies |
+| Authentik | ✅ Native | ✅ Implemented | Blueprint deployed via ConfigMap |
 | Vaultwarden | ✅ Native | ✅ Implemented | None - WebAuthn enrolled |
 
 ## Authentik Configuration