tf-services/docker-compose.runners.yml

# Forgejo Actions runners — co-located on com.uvlava.quinn.artifacts, one per forge.
# Standing runners (always-on) executing each repo's .forgejo/workflows (semver/build/publish).
# Registration tokens are RUNTIME secrets (per forge, from /api/v1/admin/runners/registration-token),
# injected at deploy — NEVER committed. Templated here; fill GITEA_RUNNER_REGISTRATION_TOKEN per runner.
# On-demand burst scaling (beyond these standing runners) is the separate ci-runners terraform.
# Deploy: docker compose -f docker-compose.runners.yml up -d   (shares the forges' services_default net)
services:
  runner-ct:
    image: gitea/act_runner:latest
    restart: always
    environment:
      GITEA_INSTANCE_URL: "http://forgejo-ct:3000"
      GITEA_RUNNER_REGISTRATION_TOKEN: "__CT_REGTOKEN__"
      GITEA_RUNNER_NAME: "artifacts-ct"
      GITEA_RUNNER_LABELS: "ubuntu-latest:docker://node:20-bookworm,docker:docker://node:20-bookworm"
    volumes: [ /var/run/docker.sock:/var/run/docker.sock, /opt/services/runner-ct:/data ]
  runner-mc:
    image: gitea/act_runner:latest
    restart: always
    environment:
      GITEA_INSTANCE_URL: "http://forgejo-mc:3000"
      GITEA_RUNNER_REGISTRATION_TOKEN: "__MC_REGTOKEN__"
      GITEA_RUNNER_NAME: "artifacts-mc"
      GITEA_RUNNER_LABELS: "ubuntu-latest:docker://node:20-bookworm"
    volumes: [ /var/run/docker.sock:/var/run/docker.sock, /opt/services/runner-mc:/data ]
  runner-quinn:
    image: gitea/act_runner:latest
    restart: always
    environment:
      GITEA_INSTANCE_URL: "http://forgejo-quinn:3000"
      GITEA_RUNNER_REGISTRATION_TOKEN: "__QUINN_REGTOKEN__"
      GITEA_RUNNER_NAME: "artifacts-quinn"
      GITEA_RUNNER_LABELS: "ubuntu-latest:docker://node:20-bookworm"
    volumes: [ /var/run/docker.sock:/var/run/docker.sock, /opt/services/runner-quinn:/data ]
networks:
  default:
    name: services_default
    external: true