From 424c03b189276840122241339d7121cc57a32cbd Mon Sep 17 00:00:00 2001
From: albert <albert@sysctl.io>
Date: Mon, 3 Feb 2025 21:16:58 -0800
Subject: [PATCH] update runner

---
 .forgejo/workflows/update-flake-lock.yml | 2 +-
 nixos/common/services/forgejo-runner.nix | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.forgejo/workflows/update-flake-lock.yml b/.forgejo/workflows/update-flake-lock.yml
index 1e93060e..f964b31c 100644
--- a/.forgejo/workflows/update-flake-lock.yml
+++ b/.forgejo/workflows/update-flake-lock.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: forgejo
     container:
       image: git.sysctl.io/albert/actions-images/node:latest
-      options: --pull always
+      options: "--pull always"
     steps:
       - run: cat /etc/hosts.template
       - run: cat /etc/hosts
diff --git a/nixos/common/services/forgejo-runner.nix b/nixos/common/services/forgejo-runner.nix
index 51f932e5..17f9bdc9 100644
--- a/nixos/common/services/forgejo-runner.nix
+++ b/nixos/common/services/forgejo-runner.nix
@@ -26,6 +26,10 @@
       tokenFile = /run/secrets/services/forgejo_token;
       hostPackages = with pkgs; [ nix deploy-rs nodejs coreutils git gnutar gzip ];
       settings = {
+        container = {
+          force_pull = true;
+          clean_working_directory = true;
+        };
         valid_volumes = [
           "/run/podman/podman.sock:/run/podman/podman.sock:rw" # Docker socket
           "/dev/net/tun:/dev/net/tun:rw"  # Tunnel device mapping