diff --git a/.gitea/workflows/infisical-secrets.yml b/.gitea/workflows/infisical-secrets.yml
index e970016..8177271 100644
--- a/.gitea/workflows/infisical-secrets.yml
+++ b/.gitea/workflows/infisical-secrets.yml
@@ -8,10 +8,18 @@ on:
 jobs:
   list-secrets:
     runs-on: ubuntu-latest
-    container:
-      image: docker.gitea.com/runner-images:ubuntu-latest
-      options: --network host
     steps:
+      - name: Force DNS resolution
+        run: |
+          # Install dnsutils to get the 'dig' command
+          sudo apt-get update && sudo apt-get install -y dnsutils
+          
+          # Dynamically fetch the public IP to handle dynamic DNS
+          # We query Cloudflare DNS (1.1.1.1) to ignore local/Tailscale records
+          PUBLIC_IP=$(dig +short @1.1.1.1 infisical.lemarechal.eu | tail -n1)
+          echo "Public IP found: $PUBLIC_IP"
+          echo "$PUBLIC_IP infisical.lemarechal.eu" | sudo tee -a /etc/hosts
+
       - name: Fetch Secrets from Infisical
         uses: https://github.com/Infisical/secrets-action@v1.0.7
         with: