Don't use `PrivateTmp` for Gitea Actions container

The `PrivateTmp` directive causes issues for network namespacing in
containers, and can be avoided by simply creating a separate folder.
This commit is contained in:
Alex Palaistras 2024-05-09 21:47:44 +01:00
parent bd901a757e
commit 1a02ddf0b3
1 changed files with 3 additions and 3 deletions


@ -10,12 +10,12 @@ EnvironmentFile=%E/coreos-home-server/gitea/gitea.env
Image=localhost/gitea:latest
PodmanArgs=--security-opt label=disable --entrypoint /run-gitea-actions
Volume=%N:/var/lib/%N:z
Volume=/tmp/runner-token:/etc/gitea/runner-token
Volume=/tmp/gitea/actions/runner-token:/etc/gitea/runner-token
Volume=/run/gitea-actions/podman.sock:/run/gitea-actions/podman.sock
[Service]
ExecStartPre=/bin/bash -c 'podman exec gitea gosu git /usr/bin/gitea -c /etc/gitea/config.ini actions generate-runner-token > /tmp/runner-token'
PrivateTmp=true
ExecStartPre=/bin/install --mode 0700 -d /tmp/gitea-actions
ExecStartPre=/bin/bash -c 'podman exec gitea gosu git /usr/bin/gitea -c /etc/gitea/config.ini actions generate-runner-token > /tmp/gitea-actions/runner-token'
Restart=on-failure
[Install]
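Review bot: The path on the new Volume line, `/tmp/gitea/actions/runner-token`, does not match the directory the new `install -d` line creates and the new generate-runner-token redirect writes to, `/tmp/gitea-actions/runner-token`, so the container would bind a file the ExecStartPre steps never produce; unless the extra slash is a rendering artefact, the line should read `Volume=/tmp/gitea-actions/runner-token:/etc/gitea/runner-token`. With `PrivateTmp=true` gone the unit now shares the host `/tmp` with every local user, and `install -d` does not fail when `/tmp/gitea-actions` already exists, so a directory of that name owned by someone else would be reused and the token written into it; the `--mode 0700` only protects the case where this unit creates the directory itself. Keeping the token out of the shared tmp, for instance under a `RuntimeDirectory=`-managed path in `/run` (the podman.sock Volume line already uses `/run/gitea-actions` for this service), would likely avoid that without the mount-namespace side effects the commit message describes, though whether a RuntimeDirectory can coexist with the existing socket path there needs checking. The [Service] section continues past the hunk.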