Configure action runner with needed permissions to deploy static sites.

hosts/hub/apps/dev.nix

@@ -1,4 +1,9 @@
-{ pkgs, config, ... }:
+{
+  pkgs,
+  config,
+  utils,
+  ...
+}:
 
 let
   name = "dev";
@@ -43,14 +48,32 @@ in
           "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04"
           "native:host"
         ];
+        settings = {
+          container = {
+            network = "bridge";
+          };
+        };
+        hostPackages = with pkgs; [
+          bash
+          coreutils
+          curl
+          gawk
+          gitMinimal
+          gnused
+          nodejs
+          rsync
+          wget
+        ];
         tokenFile = config.age.secrets."${name}_runner_linux".path;
       };
     };
   };
 
+  systemd.services."gitea-runner-${utils.escapeSystemdPath "${name}-linux"}".serviceConfig.ReadWritePaths = "/var/www";
+
   environment.systemPackages = with pkgs; [ unstable.forgejo-runner ];
 
-  networking.firewall.trustedInterfaces = [ "br-+" ];
+  networking.firewall.trustedInterfaces = [ "podman0" ];
 
   containers."${name}" = {
     autoStart = true;