From 4cd85acd2145b6a42888296f15b9a982fc443de1 Mon Sep 17 00:00:00 2001 From: sbpro Date: Sat, 27 Dec 2025 01:47:48 +0000 Subject: [PATCH] Update github-runner-deploy.md --- github-runner-deploy.md | 55 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/github-runner-deploy.md b/github-runner-deploy.md index eb8abae..2d38868 100644 --- a/github-runner-deploy.md +++ b/github-runner-deploy.md @@ -79,6 +79,61 @@ sudo systemctl daemon-reload sudo systemctl enable --now act_runner ``` +### Rootless Podman Configuration for act_runner + +#### 1. User Setup + +The service user needs a proper home directory and shell: +```bash +sudo usermod -m -d /home/act_runner -s /bin/bash act_runner +sudo mkdir -p /home/act_runner +sudo chown act_runner:act_runner /home/act_runner +``` + +#### 2. User Namespace Mappings + +Required for rootless containers to map UIDs/GIDs: +```bash +sudo usermod --add-subuids 100000-165535 --add-subgids 100000-165535 act_runner +podman system migrate +``` + +#### 3. Enable Linger and Podman Socket +```bash +sudo loginctl enable-linger act_runner +sudo -u act_runner XDG_RUNTIME_DIR=/run/user/$(id -u act_runner) systemctl --user enable --now podman.socket +``` + +#### 4. Configure act_runner + +In `/etc/act_runner/config.yaml`: +```yaml +container: + docker_host: unix:///run/user//podman/podman.sock +``` + +Replace `` with output of `id -u act_runner`. + +#### 5. Configure Registries + +In `/etc/containers/registries.conf`: +```toml +unqualified-search-registries = ["docker.io", "docker.gitea.com"] +``` + +#### 6. systemd Unit Environment + +Add to `/etc/systemd/system/act_runner.service` under `[Service]`: +```ini +Environment="XDG_RUNTIME_DIR=/run/user/%U" +``` + +#### 7. Apply Changes +```bash +sudo systemctl daemon-reload +sudo systemctl restart act_runner +``` + ## Docker Runner WIP \ No newline at end of file
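Review bot: In step 6, `Environment="XDG_RUNTIME_DIR=/run/user/%U"` is added to a system unit under `/etc/systemd/system/`, where `%U` expands to the UID of the user running the service manager (0 for the system manager) and is not affected by a `User=` setting, so the runner would be given `/run/user/0` instead of the act_runner runtime directory that step 4 points `docker_host` at. Suggest writing the numeric value from `id -u act_runner` here, the same value step 4 asks for. In step 2, `podman system migrate` is run without `sudo -u act_runner`, so it acts on the invoking user's Podman state, not the service user's; step 3 already shows the `sudo -u act_runner XDG_RUNTIME_DIR=/run/user/$(id -u act_runner)` form that would fit, though it depends on the linger setup that only happens in step 3, so the ordering needs a look. The hard-coded `100000-165535` range in the same step should come with a note to check `/etc/subuid` and `/etc/subgid` for overlap with existing entries. In step 5, listing two `unqualified-search-registries` leaves a short image name ambiguous between `docker.io` and `docker.gitea.com`; a sentence recommending fully qualified image names in workflows would close that gap. The `mkdir -p /home/act_runner` in step 1 looks redundant after `usermod -m -d`, and the file still ends without a trailing newline.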