diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index a07274f9..1aa16069 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -13,6 +13,7 @@
 ./games.nix
 ./git-sync.nix
 ./gitea.nix
+ ./gitea-runner.nix
 ./imalison.nix
 ./internet-computer.nix
 ./kat.nix
diff --git a/nixos/gitea-runner.nix b/nixos/gitea-runner.nix
new file mode 100644
index 00000000..b2d5c637
--- /dev/null
+++ b/nixos/gitea-runner.nix
@@ -0,0 +1,50 @@
+{ pkgs, config, makeEnable, ... }:
+makeEnable config "modules.gitea-runner" false {
+ age.secrets.gitea-runner-token = {
+ file = ./secrets/gitea-runner-token.${config.networking.hostName}.age;
+ owner = "gitea";
+ group = "docker";
+ };
+
+ services.gitea-actions-runner.instances.nix =
+ let gitea-runner-directory = "/var/lib/gitea-runner";
+ in {
+ settings = {
+ cache = {
+ enabled = true;
+ };
+ container = {
+ workdir_parent = "${gitea-runner-directory}/workspace";
+ };
+ host = {
+ workdir_parent = "${gitea-runner-directory}/action-cache-dir";
+ };
+ };
+ hostPackages = with pkgs; [
+ bash
+ coreutils
+ curl
+ gawk
+ git-lfs
+ nixFlakes
+ gitFull
+ gnused
+ nodejs
+ wget
+ ];
+ enable = true;
+ name = config.networking.hostName;
+ url = "http://1896Folsom.duckdns.org:3000";
+ tokenFile = config.age.secrets.gitea-runner-token.path;
+ labels = [
+ "nixos-${pkgs.system}:host"
+ "nix:docker://localhost:5921/nix-runner"
+ ];
+ };
+
+ systemd.services.gitea-runner-nix.environment =
+ let gitea-runner-directory = "/var/lib/gitea-runner"; in {
+ XDG_CONFIG_HOME = gitea-runner-directory;
+ XDG_CACHE_HOME = "${gitea-runner-directory}/.cache";
+ };
+}
diff --git a/nixos/gitea.nix b/nixos/gitea.nix
index 969a0483..1d72524b 100644
--- a/nixos/gitea.nix
+++ b/nixos/gitea.nix
@@ -1,6 +1,5 @@
 { config, makeEnable, ... }:
 makeEnable config "modules.gitea" false {
- age.secrets."gitea-runner-token".file = ./secrets/gitea-runner-token.age;
 services.gitea = {
 enable = true;
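Review bot: In the new nixos/gitea-runner.nix, `url = "http://1896Folsom.duckdns.org:3000"` points the runner at Gitea over plain HTTP on a dynamic-DNS name, so the registration token read from `tokenFile` and the job payloads the runner fetches travel unencrypted whenever that name resolves off-box. Point it at a TLS endpoint instead, e.g. `url = "https://<gitea-tls-host>";` (placeholder), or at a loopback/LAN address if the server is on the same network. Separately, `owner = "gitea"` on the secret assumes a `gitea` user exists on every host that enables this module, which appears to hold only where modules.gitea is also enabled (not visible in this diff). `group = "docker"` grants nothing unless a group-readable `mode` is set as well, since agenix defaults to `0400`.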
@@ -10,11 +9,4 @@ makeEnable config "modules.gitea" false {
 SSH_PORT = 1123;
 };
 };
-
- services.gitea-actions-runner.instances-nix-runner = {
- enable = true;
- url = config.services.gitea.settings.server.ROOT_URL;
- tokenFile = config.age.secrets.gitea-runner-token.path;
- labels = [ "nixos:host" ];
- };
 }
diff --git a/nixos/machines/ryzen-shine.nix b/nixos/machines/ryzen-shine.nix
index e50628d2..24cfd0aa 100644
--- a/nixos/machines/ryzen-shine.nix
+++ b/nixos/machines/ryzen-shine.nix
@@ -9,6 +9,7 @@
 # Needed for now because monitors have different refresh rates
 modules.xmonad.picom.vSync.enable = false;
 modules.cache-server.enable = true;
+ modules.gitea-runner.enable = true;
 boot.loader.systemd-boot.configurationLimit = 5;
diff --git a/nixos/secrets/gitea-runner-token.ryzen-shine.age b/nixos/secrets/gitea-runner-token.ryzen-shine.age
new file mode 100644
index 00000000..9b19260c
Binary files /dev/null and b/nixos/secrets/gitea-runner-token.ryzen-shine.age differ
diff --git a/nixos/secrets/secrets.nix b/nixos/secrets/secrets.nix
index 10abe652..dc16780a 100644
--- a/nixos/secrets/secrets.nix
+++ b/nixos/secrets/secrets.nix
@@ -5,4 +5,5 @@ in
 "gpg-passphrase.age".publicKeys = keys.agenixKeys;
 "cache-priv-key.pem.age".publicKeys = keys.agenixKeys;
 "gitea-runner-token.age".publicKeys = keys.agenixKeys;
+ "gitea-runner-token.ryzen-shine.age".publicKeys = keys.agenixKeys;
 }
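Review bot: Enabling `modules.gitea-runner` in nixos/machines/ryzen-shine.nix registers the `nixos-${pkgs.system}:host` label from gitea-runner.nix, so jobs that select it run directly on this machine rather than in a container. The context line just above shows the same machine has `modules.cache-server.enable = true`. If loosely reviewed repositories can schedule onto this runner, their workflows share a host with whatever the cache server holds, presumably the `cache-priv-key.pem.age` signing key (confirm against the cache-server module). Consider registering only the `docker://` label on this machine, or document the trust assumption next to the enable line, e.g. `# host-label jobs run unsandboxed here; restrict this runner to trusted repos`.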
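Review bot: In nixos/secrets/secrets.nix, the new `"gitea-runner-token.ryzen-shine.age"` entry is encrypted to `keys.agenixKeys`, the same recipient list as every other secret, so the per-host file name does not narrow who can decrypt the token. If `agenixKeys` includes other machines' host keys (its definition is outside the hunk), limit recipients to the ryzen-shine host key plus the admin keys, along the lines of `"gitea-runner-token.ryzen-shine.age".publicKeys = <ryzen-shine host key and admin keys>;` (placeholder). The old `"gitea-runner-token.age"` entry is kept even though this commit removes its `age.secrets` declaration from gitea.nix. If nothing else consumes it, drop the entry and revoke that token in Gitea.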