diff --git a/.gitea/workflows/infisical-secrets.yml b/.gitea/workflows/infisical-secrets.yml
index 7e690d6..e970016 100644
--- a/.gitea/workflows/infisical-secrets.yml
+++ b/.gitea/workflows/infisical-secrets.yml
@@ -8,15 +8,10 @@ on:
 jobs:
   list-secrets:
     runs-on: ubuntu-latest
+    container:
+      image: docker.gitea.com/runner-images:ubuntu-latest
+      options: --network host
     steps:
-      - name: Force DNS resolution
-        run: |
-          # Dynamically fetch the public IP to handle dynamic DNS
-          # We query Cloudflare DNS (1.1.1.1) to ignore local/Tailscale records
-          PUBLIC_IP=$(dig +short @1.1.1.1 infisical.lemarechal.eu | tail -n1)
-          echo "Public IP found: $PUBLIC_IP"
-          echo "$PUBLIC_IP infisical.lemarechal.eu" | sudo tee -a /etc/hosts
-
       - name: Fetch Secrets from Infisical
         uses: https://github.com/Infisical/secrets-action@v1.0.7
         with:
@@ -30,6 +25,4 @@ jobs:
       - name: Display Secrets
         run: |
           echo "Secrets fetched and injected as environment variables."
-          # Note: Gitea/GitHub will mask the values of these secrets in the logs.
-          # To see which keys were fetched, we can list the environment variables.
           env | grep -v "GITHUB_" | grep -v "GITEA_" | sort