getting there...

examples/docker-compose/compose-forgejo-and-runner.yml

@@ -6,7 +6,7 @@
 #
 #   openssl rand -hex 20
 #
-# Replace all occurences of {SHARED_SECRET} below with the output.
+# Replace all occurences of 02f8e8ed1bd08d55338026d04b5513684ff23c1f below with the output.
 #
 # NOTE: a token obtained from the Forgejo web interface cannot be used
 #       as a shared secret.
@@ -49,7 +49,7 @@ services:
       /bin/s6-svscan /etc/s6 &
       sleep 10 ;
       su -c "forgejo admin user create --admin --username root --password ROOT_PASSWORD --email root@example.com" git ;
-      su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ;
+      su -c "forgejo forgejo-cli actions register --secret 02f8e8ed1bd08d55338026d04b5513684ff23c1f" git ;
       sleep infinity
       '
 
@@ -75,7 +75,7 @@ services:
       - docker-in-docker
     environment:
       FORGEJO_URL: ${FORGEJO_URL} # defaults to http://forgejo:3000
-      FORGEJO_SECRET: "{SHARED_SECRET}" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN
+      FORGEJO_SECRET: "02f8e8ed1bd08d55338026d04b5513684ff23c1f" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN
       RUNNER_TOKEN: ${RUNNER_TOKEN} # token obtained from Forgejo web interface
 
       RUNNER__CONFIG_FILE: config.yml # defaults to /data/config.yml
@@ -84,6 +84,8 @@ services:
       
       RUNNER__CONTAINER__PRIVILEGED: "true" # defaults to false for security reasons
       RUNNER__CONTAINER_OPTIONS: -v /certs/client:/certs/client:ro # needed for TLS
+      RUNNER__CONTAINER__DOCKER_HOST: "tcp://docker:2376" # defaults to "-", an available docker host will automatically be found
+      RUNNER__RUNNER__INSECURE: false
       RUNNER__RUNNER__ENVS: |
         DOCKER_HOST=tcp://docker:2376
         DOCKER_TLS_VERIFY=1