Gitea

Gitea Actions

Gitea Actions is enabled by setting:

GITEA__actions__ENABLED=true

Runner service

The repository includes a dedicated Gitea Actions runner service named:

gitea-runner

The runner uses Docker through the existing Docker socket proxy:

DOCKER_HOST=tcp://docker-socket-proxy:2375

The runner intentionally does not mount:

/var/run/docker.sock

Registration token

Generate a runner registration token from the Gitea UI:

Site Administration → Actions → Runners
or Repo → Settings → Actions → Runners

Put the token in your env/secrets file:

GITEA_RUNNER_REGISTRATION_TOKEN=...

Start the runner

./services-up.sh --profile gitea up -d gitea-runner
or ./services-up.sh --profile all up -d gitea-runner

Logs

docker logs -f gitea-runner

Labels

Common workflow label:

runs-on: ubuntu-latest

This should match the configured labels, for example:

GITEA_RUNNER_LABELS=ubuntu-latest:docker://node:20-bookworm,...

Security note

The runner can control Docker through docker-socket-proxy. This is safer than mounting the raw Docker socket directly, but workflows still have meaningful control over Docker. Only trusted repositories/users should be allowed to run workflows on this runner.