## Using Rootless Docker with`act_runner`

Here is a simple example of how to set up `act_runner` with rootless Docker. It has been created with Debian, but other Linux should work the same way.

Note: This procedure needs a real login shell -- using `sudo su` or other method of accessing the account will fail some of the steps below.

As `root`:

- Create a user to run both `docker` and `act_runner`. In this example, we use a non-privileged account called `rootless`.

```bash
 useradd -m rootless
 passwd rootless
```

- Install [`docker-ce`](https://docs.docker.com/engine/install/)
- (Recommended) Disable the system-wide Docker daemon

     ``systemctl disable --now docker.service docker.socket``

As the `rootless` user:

- Follow the instructions for [enabling rootless mode](https://docs.docker.com/engine/security/rootless/)
- Add the following lines to the `/home/rootless/.bashrc`:

```bash
 export XDG_RUNTIME_DIR=/home/rootless/.docker/run
 export PATH=/home/rootless/bin:$PATH
 export DOCKER_HOST=unix:///run/user/1001/docker.sock
```

- Reboot. Ensure that the Docker process is working.
- Create a directory for saving `act_runner` data between restarts

 `mkdir /home/rootless/act_runner`

- Register the runner from the data directory

```bash
 cd /home/rootless/act_runner
 act_runner register
```

- Generate a `act_runner` configuration file in the data directory. Edit the file to adjust for the system.

```bash
 act_runner generate-config >/home/rootless/act_runner/config
```

- Create a new user-level`systemd` unit file as `/home/rootless/.config/systemd/user/act_runner.service` with the following contents:

```bash
 Description=Gitea Actions runner
 Documentation=https://gitea.com/gitea/act_runner
 After=docker.service

 [Service]
 Environment=PATH=/home/rootless/bin:/sbin:/usr/sbin:/home/rootless/bin:/home/rootless/bin:/home/rootless/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
 Environment=DOCKER_HOST=unix:///run/user/1001/docker.sock
 ExecStart=/usr/bin/act_runner daemon -c /home/rootless/act_runner/config
 ExecReload=/bin/kill -s HUP $MAINPID
 WorkingDirectory=/home/rootless/act_runner
 TimeoutSec=0
 RestartSec=2
 Restart=always
 StartLimitBurst=3
 StartLimitInterval=60s
 LimitNOFILE=infinity
 LimitNPROC=infinity
 LimitCORE=infinity
 TasksMax=infinity
 Delegate=yes
 Type=notify
 NotifyAccess=all
 KillMode=mixed

 [Install]
 WantedBy=default.target
```

- Reboot

After the system restarts, check that the`act_runner` is working and that the runner is connected to Gitea.

````bash
 systemctl --user status act_runner
 journalctl --user -xeu act_runner