From 411b07e23c2db2321fb645767d6afdb363f52074 Mon Sep 17 00:00:00 2001
From: Erich Blume <blume.erich@gmail.com>
Date: Sun, 25 Jan 2026 18:48:57 -0800
Subject: [PATCH] Mount Docker socket in job containers for DinD

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 ansible/roles/forgejo_runner/templates/config.yaml.j2 | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ansible/roles/forgejo_runner/templates/config.yaml.j2 b/ansible/roles/forgejo_runner/templates/config.yaml.j2
index 07bdb8d..b5ae974 100644
--- a/ansible/roles/forgejo_runner/templates/config.yaml.j2
+++ b/ansible/roles/forgejo_runner/templates/config.yaml.j2
@@ -7,7 +7,11 @@ runner:
   capacity: {{ forgejo_runner_capacity }}
   timeout: {{ forgejo_runner_timeout }}
 
-# Even in host execution mode, some actions run in containers.
-# Use host networking so containers can access localhost services.
+# Container settings for docker execution mode
 container:
+  # Host networking so containers can reach services (forge.ops.eblu.me, etc.)
   network: "host"
+  # Mount Docker socket for container builds (DinD)
+  options: "-v /var/run/docker.sock:/var/run/docker.sock"
+  valid_volumes:
+    - /var/run/docker.sock