diff --git a/manifests/artemis/gitea-runners/values.yaml b/manifests/artemis/gitea-runners/values.yaml
index a48e17f..62c94bc 100644
--- a/manifests/artemis/gitea-runners/values.yaml
+++ b/manifests/artemis/gitea-runners/values.yaml
@@ -1,8 +1,15 @@
-# values.yaml (full relevant sections)
 enabled: true
 statefulset:
- # One emptyDir to carry just the docker.sock across containers
+ replicas: 3
+ annotations: {}
+ labels: {}
+ resources: {}
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
+
+ # Share only the docker.sock file between containers
 extraVolumes:
 - name: docker-socket
 emptyDir: {}
@@ -11,21 +18,25 @@ statefulset:
 repository: gitea/act_runner
 tag: 0.2.13
 pullPolicy: IfNotPresent
+
+ # Ensure runner talks to DinD via Unix socket and never uses TLS
 extraEnvs:
 - name: DOCKER_HOST
 value: unix:///var/run/docker.sock
 - name: DOCKER_BUILDKIT
 value: "1"
- # Make sure TLS vars are not set; these lines ensure they are blank
 - name: DOCKER_TLS_CERTDIR
 value: ""
 - name: DOCKER_TLS_VERIFY
 value: ""
- # Mount only the socket path from the shared volume
+
+ # Mount only the socket path; avoid mounting the whole /var/run
 extraVolumeMounts:
 - name: docker-socket
 mountPath: /var/run/docker.sock
 subPath: docker.sock
+
+ # Gitea act-runner config
 config: |
 log:
 level: info
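Review bot: `resources: {}` together with `replicas: 3` leaves three runner pods with no CPU or memory requests or limits, so a single heavy build can starve the other workloads on its node. If this key is what the chart applies to the runner containers (the chart is not visible here), set explicit values instead of the empty map, for example `resources: {requests: {cpu: 500m, memory: 1Gi}, limits: {memory: 4Gi}}`, with sizes chosen for your builds. The other empty maps (`annotations`, `labels`, `nodeSelector`, `tolerations`, `affinity`) probably repeat chart defaults and could be dropped. The `statefulset` block continues below the hunk.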
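Review bot: The added comment `# Mount only the socket path; avoid mounting the whole /var/run` documents a `subPath: docker.sock` mount that is unlikely to work from an empty `emptyDir`: when the subPath does not exist yet, the kubelet normally creates it as a directory, so both containers would see a directory at `/var/run/docker.sock` and dockerd could not bind its socket there. The same mount appears in the DinD container in the next hunk. A safer layout mounts the volume at a dedicated directory and places the socket inside it, e.g. `mountPath: /run/dind` with `DOCKER_HOST` set to `unix:///run/dind/docker.sock` and `--host=unix:///run/dind/docker.sock` (example paths). The runner container's block starts above this hunk.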
@@ -46,25 +57,31 @@ statefulset:
 repository: docker
 tag: 28.3.3-dind
 pullPolicy: IfNotPresent
- # Disable TLS entirely for in-pod socket use
+
+ # Disable TLS; use only the default Unix socket
 extraEnvs:
 - name: DOCKER_TLS_CERTDIR
 value: ""
- # Uncomment if you hit iptables legacy issues on your nodes
+ # Uncomment if needed on your nodes:
 # - name: DOCKER_IPTABLES_LEGACY
 # value: "1"
- # Mount the same socket path; dockerd will create the file at startup
+
+ # Mount the same socket path so dockerd can create it
 extraVolumeMounts:
 - name: docker-socket
 mountPath: /var/run/docker.sock
 subPath: docker.sock
- # Ensure dockerd uses the default unix socket only; don't bind TCP
- # Some Helm charts expose command/args—include them if available:
+
+ # Ensure no TCP binding; unix socket only
 command: ["dockerd"]
 args:
 - "--host=unix:///var/run/docker.sock"
 - "--storage-driver=overlay2"
+ # Optional persistence for DinD (images/layers)
+ persistence:
+ size: 1Gi
+
 init:
 image:
 repository: busybox
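Review bot: The new `persistence` block keeps the DinD image and layer store across pod restarts, which means images and tags written by one workflow job stay visible to every later job on that replica. For runners shared between repositories of different trust levels that is a cache-integrity concern, so the comment should say it, e.g. `# Optional persistence for DinD (images/layers); state is shared by all jobs on this replica, leave unset for untrusted repos`. `size: 1Gi` is also small for an overlay2 image store and is likely to fill after a few pulls. Whether the chart needs a further switch to enable persistence is not visible in this hunk.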