privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: add macvlan LAN-only warning for runners outside the network

Browse Source 
Macvlan container IPs are only reachable on the LAN. Runners working
remotely (coffee shop, VPN) must use the public GITEA_DOMAIN instead
of the LAN IP in their .runner file. Added inline comments to
.env.example and troubleshooting entries to README.md and USAGE_GUIDE.md.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
S
2026-03-05 06:24:23 -06:00
parent c2087d5087
commit 5a8a23ef69
3 changed files with 22 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
USAGE_GUIDE.md
View File

@@ -364,6 +364,20 @@ This generates ed25519 keys on each host and distributes public keys to the othe
**Fix**: Log out and back in to the Fedora machine (SSH session), then re-run the failed script. Adding a user to the `docker` group requires a new login session to take effect.
### Runner cannot connect from outside the LAN
**Symptom**: A runner (typically a MacBook) shows as offline or fails to connect when working outside the local network (e.g., coffee shop, VPN, mobile hotspot).
**Cause**: Gitea containers use macvlan IPs (e.g., `192.168.1.177`) which are only reachable from machines on the same LAN. The runner's `.runner` file contains `"address": "http://192.168.1.177:3000"` which is unreachable from outside.
**Fix**: Edit the runner's `.runner` file and change the `address` to the public domain:
```json
"address": "https://YOUR_DOMAIN"
```
Then restart the runner. The public domain routes through Caddy (Phase 8) and works from anywhere. No SSH tunnel needed.
### Runner shows as offline after deployment
**Symptom**: Phase 3 post-check reports a runner as offline.