From 4ef77bf255fe756d5c5aa388230b074cf683c1ef Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Fri, 27 Mar 2026 13:33:00 +0000
Subject: [PATCH] feat: add Forgejo Actions runner (act_runner) to
 docker-compose
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Adds the act-runner service alongside Forgejo. It connects to the
Podman socket proxy so CI jobs can build and run containers on the Pi.

Also enables FORGEJO__actions__ENABLED on the Forgejo service.

FORGEJO_RUNNER_TOKEN must be set in .env — obtain it from:
  Forgejo → Site Administration → Actions → Runners → Create new runner

https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH
---
 infra/.env.example       |  3 +++
 infra/docker-compose.yml | 23 +++++++++++++++++++++++
 2 files changed, 26 insertions(+)

diff --git a/infra/.env.example b/infra/.env.example
index 5625243..65b7b70 100644
--- a/infra/.env.example
+++ b/infra/.env.example
@@ -15,6 +15,9 @@ POSTGRES_PASSWORD=changeme
 # Forgejo (optional — only needed if you add the forgejo service to docker-compose.yml).
 FORGEJO_DB_PASSWORD=changeme
 FORGEJO_DOMAIN=git.yourdomain.com
+# Actions runner registration token — obtain from Forgejo:
+#   Site Administration → Actions → Runners → Create new runner
+FORGEJO_RUNNER_TOKEN=
 
 # ── Backup (infra/backup.sh) ──────────────────────────────────────────────────
 # Local directory to store backup archives.
diff --git a/infra/docker-compose.yml b/infra/docker-compose.yml
index d81ce6f..9495449 100644
--- a/infra/docker-compose.yml
+++ b/infra/docker-compose.yml
@@ -93,6 +93,8 @@ services:
       FORGEJO__server__SSH_DOMAIN: ${FORGEJO_DOMAIN}
       # Skip the first-run wizard — everything is configured via env vars above.
       FORGEJO__security__INSTALL_LOCK: "true"
+      # Enable Actions.
+      FORGEJO__actions__ENABLED: "true"
     volumes:
       - forgejo-data:/data
     depends_on:
@@ -100,6 +102,26 @@ services:
     networks:
       - hiy-net
 
+  # ── Forgejo Actions runner ─────────────────────────────────────────────────
+  # Obtain FORGEJO_RUNNER_TOKEN from Forgejo:
+  #   Site Administration → Actions → Runners → Create new runner
+  act-runner:
+    image: code.forgejo.org/forgejo/act_runner:latest
+    restart: unless-stopped
+    environment:
+      FORGEJO_INSTANCE_URL: https://${FORGEJO_DOMAIN}
+      FORGEJO_RUNNER_REGISTRATION_TOKEN: ${FORGEJO_RUNNER_TOKEN}
+      FORGEJO_RUNNER_NAME: hiy-runner
+      # Give the runner access to Podman so CI jobs can build/run containers.
+      DOCKER_HOST: tcp://podman-proxy:2375
+    volumes:
+      - act-runner-data:/data
+    depends_on:
+      - forgejo
+      - podman-proxy
+    networks:
+      - hiy-net
+
   # ── Reverse proxy ─────────────────────────────────────────────────────────
   caddy:
     image: docker.io/library/caddy:2-alpine
@@ -170,6 +192,7 @@ networks:
 volumes:
   hiy-data:
   forgejo-data:
+  act-runner-data:
   caddy-data:
   caddy-config:
   hiy-pg-data: