[Unit]
Description=Gitea Act Runner

[Container]
ContainerName=act-runner
Image=docker.io/gitea/act_runner:latest
AutoUpdate=registry
User=1001
Group=1002
UserNS=keep-id:uid=1001,gid=1002
Volume=./config.yaml:/config.yaml:ro
Volume=act-runner-data:/data:Z
Volume=/run/user/1001/podman/podman.sock:/run/user/1001/podman/podman.sock
EnvironmentFile=act-runner.env
NoNewPrivileges=true
SecurityLabelType=container_t
#CapabilityBoundingSet=

[Service]
Restart=on-abnormal

#[Install]
#WantedBy=default.target