diff --git a/config/ansible/tasks/servers/services/gitea/act-runner-config.yaml.j2 b/config/ansible/tasks/servers/services/gitea/act-runner-config.yaml.j2
index 648db96..92bf477 100644
--- a/config/ansible/tasks/servers/services/gitea/act-runner-config.yaml.j2
+++ b/config/ansible/tasks/servers/services/gitea/act-runner-config.yaml.j2
@@ -95,4 +95,4 @@ container:
 host:
   # The parent directory of a job's working directory.
   # If it's empty, $HOME/.cache/act/ will be used.
-  workdir_parent:
+  workdir_parent: /tmp/act_runner
diff --git a/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2
index d823ad5..01a2370 100644
--- a/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2
+++ b/config/ansible/tasks/servers/services/gitea/docker-compose.yml.j2
@@ -5,6 +5,16 @@ services:
     environment:
       - PUID=1000
       - PGID=100
+      - GITEA__STORAGE__REPOSITORIES_TYPE=s3
+      - GITEA__STORAGE__REPOSITORIES_BUCKET=gitea-repositories
+      - GITEA__STORAGE__REPOSITORIES_ENDPOINT=https://{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='endpoint') }}
+      - GITEA__STORAGE__REPOSITORIES_ACCESS_KEY={{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_ACCESS_KEY_ID') }}
+      - GITEA__STORAGE__REPOSITORIES_SECRET_KEY={{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_SECRET_ACCESS_KEY') }}
+      - GITEA__STORAGE__ATTACHMENTS_TYPE=s3
+      - GITEA__STORAGE__ATTACHMENTS_BUCKET=gitea-attachments
+      - GITEA__STORAGE__ATTACHMENTS_ENDPOINT=https://{{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='endpoint') }}
+      - GITEA__STORAGE__ATTACHMENTS_ACCESS_KEY={{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_ACCESS_KEY_ID') }}
+      - GITEA__STORAGE__ATTACHMENTS_SECRET_KEY={{ lookup('community.general.onepassword', 'mfk2qgnaplgtk6xmfc3r6w6neq', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='AWS_SECRET_ACCESS_KEY') }}
     volumes:
       - {{gitea_data_dir}}/gitea:/data
       - /etc/timezone:/etc/timezone:ro
@@ -35,6 +45,7 @@ services:
     volumes:
       - {{gitea_service_dir}}/act-runner-config.yaml:/config.yaml
       - /var/run/docker.sock:/var/run/docker.sock
+      - /tmp/act_runner:/tmp/act_runner
     environment:
       - PUID=1000
       - PGID=100