# runner-config.yaml — only the relevant section
container:
  # join the same network Gitea is on, so job containers can resolve 'gitea'
  # for actions/checkout and other internal API calls.
  network: gitea_gitea
  # passed as DOCKER_HOST inside the job container; act_runner auto-mounts
  # this socket path into the job, so no explicit -v option is needed.
  docker_host: "unix:///var/run/docker.sock"
  # Job workspaces are stored here and mounted at the same absolute path
  # inside job containers. Identical host <-> container path is the requirement:
  # Compose resolves relative bind mounts to $(pwd) inside the job container
  # and passes that absolute path to the host daemon, which must find the file
  # at that exact host path. Prerequisite: /srv/gitea-workspace exists on the
  # host and is bind-mounted in the runner container (see compose.yaml).
  workdir_parent: /srv/gitea-workspace
  # whitelists volumes that workflow steps may bind-mount
  valid_volumes:
    - "/var/run/docker.sock"
    - "/srv/gitea-workspace"
    - "/opt/familienarchiv"
  # mount the workspace and the permanent obs/config directory into job containers.
  # /opt/familienarchiv is the stable path CI copies configs to (ADR-016); it must
  # be mounted here so deploy steps can write through to the host filesystem.
  options: "-v /srv/gitea-workspace:/srv/gitea-workspace -v /opt/familienarchiv:/opt/familienarchiv"
  # keep behavior default — Testcontainers handles its own networking
  force_pull: false