From 82884436df4da43a6d73d8eb151415eab751fc82 Mon Sep 17 00:00:00 2001
From: Erich Blume <blume.erich@gmail.com>
Date: Tue, 3 Mar 2026 10:33:40 -0800
Subject: [PATCH] Route runner polling through internal forge.ops.eblu.me

The k8s and ringtail runners were hitting forge.eblu.me (fly.io proxy)
for every FetchTask poll (~every 2s), round-tripping through the public
internet unnecessarily. Use forge.ops.eblu.me (Caddy on indri, tailnet)
for infrastructure workloads.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 argocd/manifests/forgejo-runner/deployment.yaml | 2 +-
 nixos/ringtail/configuration.nix                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/argocd/manifests/forgejo-runner/deployment.yaml b/argocd/manifests/forgejo-runner/deployment.yaml
index 6e57137..4f67672 100644
--- a/argocd/manifests/forgejo-runner/deployment.yaml
+++ b/argocd/manifests/forgejo-runner/deployment.yaml
@@ -25,7 +25,7 @@ spec:
             - name: DOCKER_HOST
               value: tcp://localhost:2375
             - name: FORGEJO_URL
-              value: "https://forge.eblu.me"
+              value: "https://forge.ops.eblu.me"
             - name: RUNNER_NAME
               value: "k8s-runner"
             - name: RUNNER_LABELS
diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix
index 562cfdb..5a0035b 100644
--- a/nixos/ringtail/configuration.nix
+++ b/nixos/ringtail/configuration.nix
@@ -496,7 +496,7 @@ in
     instances.nix_container_builder = {
       enable = true;
       name = "ringtail-nix-builder";
-      url = "https://forge.eblu.me";
+      url = "https://forge.ops.eblu.me";
       tokenFile = "/etc/forgejo-runner/token.env";
       labels = [ "nix-container-builder:host" ];
       hostPackages = with pkgs; [