From aceb09d8e9b43255c9408a5365f7c4e6a90ecf18 Mon Sep 17 00:00:00 2001
From: Yadunand Prem <yadunand@yadunut.com>
Date: Wed, 1 Oct 2025 21:21:10 +0800
Subject: [PATCH] did codex figure this out?

---
 apps/base/gitea.yaml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/apps/base/gitea.yaml b/apps/base/gitea.yaml
index da5155c..4be5d28 100644
--- a/apps/base/gitea.yaml
+++ b/apps/base/gitea.yaml
@@ -164,6 +164,16 @@ spec:
 
     statefulset:
       replicas: 1
+      # Provide a Docker daemon via DinD so docker-based actions (buildx, login, etc.) work
+      dind:
+        repository: docker
+        tag: "27.5.1-dind"
+        pullPolicy: IfNotPresent
+        # Uncomment to force legacy iptables on some kernels
+        # extraEnvs:
+        #   - name: DOCKER_IPTABLES_LEGACY
+        #     value: "1"
+
       # Your custom runner config replicated here (labels, dind, volumes)
       actRunner:
         config: |
@@ -176,3 +186,9 @@ spec:
               - "ubuntu-latest:docker://docker.gitea.com/runner-images:ubuntu-latest"
               - "ubuntu-22.04:docker://docker.gitea.com/runner-images:ubuntu-22.04"
               - "ubuntu-20.04:docker://docker.gitea.com/runner-images:ubuntu-20.04"
+          container:
+            # Ensure the runner and job containers use the DinD socket
+            docker_host: "unix:///var/run/docker.sock"
+            # Allow mounting the docker.sock into job containers
+            valid_volumes:
+              - "/var/run/docker.sock"