From d53a429a5afc916551e5f0bc1e98ca3e72e20532 Mon Sep 17 00:00:00 2001
From: Thomas Hallock <thomas@evolutioniq.com>
Date: Sun, 25 Jan 2026 13:54:32 -0600
Subject: [PATCH] fix(ci): use explicit IPv4 DNS for gitea-runner

The home network has IPv6 DNS that's unreachable from the k3s VM.
Changed from dns_policy=Default to dns_policy=None with explicit
Google DNS servers (8.8.8.8, 8.8.4.4) to fix image pulls.
---
 infra/terraform/gitea.tf | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/infra/terraform/gitea.tf b/infra/terraform/gitea.tf
index a1fe642d..d1160219 100644
--- a/infra/terraform/gitea.tf
+++ b/infra/terraform/gitea.tf
@@ -663,8 +663,12 @@ resource "kubernetes_deployment" "gitea_runner" {
       }
 
       spec {
-        # Use Default DNS policy to use node's DNS (bypasses broken coredns)
-        dns_policy = "Default"
+        # Use explicit DNS to avoid IPv6 issues on home network
+        dns_policy = "None"
+        dns_config {
+          nameservers = ["8.8.8.8", "8.8.4.4"]
+          searches    = ["gitea.svc.cluster.local", "svc.cluster.local", "cluster.local"]
+        }
 
         # Also add hostAliases for internal services since we're not using cluster DNS
         host_aliases {