diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index af2b0ce..32b33df 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,7 +3,7 @@ variables:
    DOCKER_HOST: tcp://docker:2375/
    DOCKER_DRIVER: overlay2
 services:
-  - registry.wojciechkozlowski.eu/wojtek/loki/dind:latest
+  - docker:dind
 
 before_script:
   - apk add make
@@ -33,8 +33,3 @@ nextcloud:
   extends: .builds
   script:
     - make nextcloud
-
-dind:
-  extends: .builds
-  script:
-    - make dind
diff --git a/Makefile b/Makefile
index ba47b51..a03726c 100644
--- a/Makefile
+++ b/Makefile
@@ -84,26 +84,6 @@ nextcloud-pull:
 
 nextcloud: nextcloud-clean nextcloud-build nextcloud-push
 
-# -----------------------------------------------------------------------------
-# dind
-# -----------------------------------------------------------------------------
-
-DIND = $(DOCKER_REGISTRY)/dind
-
-dind-clean:
-	docker rmi $(DIND) || /bin/true
-
-dind-build:
-	docker build -f dind/Dockerfile -t $(DIND) ./dind
-
-dind-push:
-	docker push $(DIND)
-
-dind-pull:
-	docker pull $(DIND)
-
-dind: dind-clean dind-build dind-push
-
 # -----------------------------------------------------------------------------
 # Collect targets.
 # -----------------------------------------------------------------------------
@@ -115,26 +95,22 @@ clean-all:
 clean-builds: \
 	proxy-clean \
 	wiki-clean \
-	nextcloud-clean \
-	dind-clean
+	nextcloud-clean
 
 build-all: \
 	proxy-build \
 	wiki-build \
-	nextcloud-build \
-	dind-build
+	nextcloud-build
 
 push-all: \
 	proxy-push \
 	wiki-push \
-	nextcloud-push \
-	dind-push
+	nextcloud-push
 
 pull-all: \
 	proxy-pull \
 	wiki-pull \
-	nextcloud-pull \
-	dind-pull
+	nextcloud-pull
 
 # -----------------------------------------------------------------------------
 # Clean - build - push
diff --git a/dind/Dockerfile b/dind/Dockerfile
deleted file mode 100644
index d8e2ba9..0000000
--- a/dind/Dockerfile
+++ /dev/null
@@ -1,2 +0,0 @@
-FROM docker:dind
-COPY hosts /etc/hosts
diff --git a/runner/Dockerfile b/runner/Dockerfile
new file mode 100644
index 0000000..64ba3a1
--- /dev/null
+++ b/runner/Dockerfile
@@ -0,0 +1,18 @@
+FROM debian:stable-slim
+
+ENV DEBIAN_FRONTEND noninteractive
+RUN apt-get update && apt-get -y upgrade
+
+# Add files to setup GitLab repo
+COPY script.deb.sh /tmp/script.deb.sh
+COPY pin-gitlab-runner.pref /etc/apt/preferences.d/pin-gitlab-runner.pref
+
+# Install gitlab-runner
+RUN apt-get -y install gnupg2 && bash /tmp/script.deb.sh && apt-get -y install gitlab-runner
+
+# Preserve runner's data
+VOLUME ["/etc/gitlab-runner", "/home/gitlab-runner"]
+
+# init sets up the environment and launches gitlab-runner
+CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"]
+ENTRYPOINT ["/usr/bin/gitlab-runner"]
diff --git a/runner/docker/Dockerfile b/runner/docker/Dockerfile
new file mode 100644
index 0000000..0e20bbc
--- /dev/null
+++ b/runner/docker/Dockerfile
@@ -0,0 +1,19 @@
+FROM registry.wojciechkozlowski.eu/wojtek/loki/runner-base
+
+RUN apt-get -y install \
+        apt-transport-https \
+        ca-certificates \
+        curl \
+        gnupg2 \
+        software-properties-common
+
+RUN curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | apt-key add -
+
+RUN add-apt-repository \
+    "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
+    $(lsb_release -cs) \
+    stable"
+
+RUN apt-get update && apt-get -y install docker-ce docker-compose
+
+ENV DOCKER_HOST "tcp://docker:2375"
diff --git a/dind/hosts b/runner/docker/hosts
similarity index 100%
rename from dind/hosts
rename to runner/docker/hosts
diff --git a/runner/main/Dockerfile b/runner/main/Dockerfile
new file mode 100644
index 0000000..846210a
--- /dev/null
+++ b/runner/main/Dockerfile
@@ -0,0 +1,8 @@
+FROM registry.wojciechkozlowski.eu/wojtek/loki/runner-base
+
+RUN apt-get -y install \
+        build-essential \
+        python3 \
+        python3-pip
+
+RUN pip3 install pycodestyle coverage
diff --git a/runner/pin-gitlab-runner.pref b/runner/pin-gitlab-runner.pref
new file mode 100644
index 0000000..5d25af9
--- /dev/null
+++ b/runner/pin-gitlab-runner.pref
@@ -0,0 +1,4 @@
+Explanation: Prefer GitLab provided packages over the Debian native ones
+Package: gitlab-runner
+Pin: origin packages.gitlab.com
+Pin-Priority: 1001
\ No newline at end of file
diff --git a/runner/script.deb.sh b/runner/script.deb.sh
new file mode 100644
index 0000000..b479b50
--- /dev/null
+++ b/runner/script.deb.sh
@@ -0,0 +1,173 @@
+#!/bin/bash
+
+unknown_os ()
+{
+  echo "Unfortunately, your operating system distribution and version are not supported by this script."
+  echo
+  echo "You can override the OS detection by setting os= and dist= prior to running this script."
+  echo "You can find a list of supported OSes and distributions on our website: https://packages.gitlab.com/docs#os_distro_version"
+  echo
+  echo "For example, to force Ubuntu Trusty: os=ubuntu dist=trusty ./script.sh"
+  echo
+  echo "Please email support@packagecloud.io and let us know if you run into any issues."
+  exit 1
+}
+
+curl_check ()
+{
+  echo "Checking for curl..."
+  if command -v curl > /dev/null; then
+    echo "Detected curl..."
+  else
+    echo "Installing curl..."
+    apt-get install -q -y curl
+  fi
+}
+
+install_debian_keyring ()
+{
+  if [ "${os}" = "debian" ]; then
+    echo "Installing debian-archive-keyring which is needed for installing "
+    echo "apt-transport-https on many Debian systems."
+    apt-get install -y debian-archive-keyring &> /dev/null
+  fi
+}
+
+
+detect_os ()
+{
+  if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
+    # some systems dont have lsb-release yet have the lsb_release binary and
+    # vice-versa
+    if [ -e /etc/lsb-release ]; then
+      . /etc/lsb-release
+
+      if [ "${ID}" = "raspbian" ]; then
+        os=${ID}
+        dist=`cut --delimiter='.' -f1 /etc/debian_version`
+      else
+        os=${DISTRIB_ID}
+        dist=${DISTRIB_CODENAME}
+
+        if [ -z "$dist" ]; then
+          dist=${DISTRIB_RELEASE}
+        fi
+      fi
+
+    elif [ `which lsb_release 2>/dev/null` ]; then
+      dist=`lsb_release -c | cut -f2`
+      os=`lsb_release -i | cut -f2 | awk '{ print tolower($1) }'`
+
+    elif [ -e /etc/debian_version ]; then
+      # some Debians have jessie/sid in their /etc/debian_version
+      # while others have '6.0.7'
+      os=`cat /etc/issue | head -1 | awk '{ print tolower($1) }'`
+      if grep -q '/' /etc/debian_version; then
+        dist=`cut --delimiter='/' -f1 /etc/debian_version`
+      else
+        dist=`cut --delimiter='.' -f1 /etc/debian_version`
+      fi
+
+    else
+      unknown_os
+    fi
+  fi
+
+  if [ -z "$dist" ]; then
+    unknown_os
+  fi
+
+  # remove whitespace from OS and dist name
+  os="${os// /}"
+  dist="${dist// /}"
+
+  echo "Detected operating system as $os/$dist."
+}
+
+main ()
+{
+  detect_os
+  curl_check
+
+  # Need to first run apt-get update so that apt-transport-https can be
+  # installed
+  echo -n "Running apt-get update... "
+  apt-get update &> /dev/null
+  echo "done."
+
+  # Install the debian-archive-keyring package on debian systems so that
+  # apt-transport-https can be installed next
+  install_debian_keyring
+
+  echo -n "Installing apt-transport-https... "
+  apt-get install -y apt-transport-https &> /dev/null
+  echo "done."
+
+
+  gpg_key_url="https://packages.gitlab.com/runner/gitlab-runner/gpgkey"
+  apt_config_url="https://packages.gitlab.com/install/repositories/runner/gitlab-runner/config_file.list?os=${os}&dist=${dist}&source=script"
+
+  apt_source_path="/etc/apt/sources.list.d/runner_gitlab-runner.list"
+
+  echo -n "Installing $apt_source_path..."
+
+  # create an apt config file for this repository
+  curl -sSf "${apt_config_url}" > $apt_source_path
+  curl_exit_code=$?
+
+  if [ "$curl_exit_code" = "22" ]; then
+    echo
+    echo
+    echo -n "Unable to download repo config from: "
+    echo "${apt_config_url}"
+    echo
+    echo "This usually happens if your operating system is not supported by "
+    echo "packagecloud.io, or this script's OS detection failed."
+    echo
+    echo "You can override the OS detection by setting os= and dist= prior to running this script."
+    echo "You can find a list of supported OSes and distributions on our website: https://packages.gitlab.com/docs#os_distro_version"
+    echo
+    echo "For example, to force Ubuntu Trusty: os=ubuntu dist=trusty ./script.sh"
+    echo
+    echo "If you are running a supported OS, please email support@packagecloud.io and report this."
+    [ -e $apt_source_path ] && rm $apt_source_path
+    exit 1
+  elif [ "$curl_exit_code" = "35" -o "$curl_exit_code" = "60" ]; then
+    echo "curl is unable to connect to packagecloud.io over TLS when running: "
+    echo "    curl ${apt_config_url}"
+    echo "This is usually due to one of two things:"
+    echo
+    echo " 1.) Missing CA root certificates (make sure the ca-certificates package is installed)"
+    echo " 2.) An old version of libssl. Try upgrading libssl on your system to a more recent version"
+    echo
+    echo "Contact support@packagecloud.io with information about your system for help."
+    [ -e $apt_source_path ] && rm $apt_source_path
+    exit 1
+  elif [ "$curl_exit_code" -gt "0" ]; then
+    echo
+    echo "Unable to run: "
+    echo "    curl ${apt_config_url}"
+    echo
+    echo "Double check your curl installation and try again."
+    [ -e $apt_source_path ] && rm $apt_source_path
+    exit 1
+  else
+    echo "done."
+  fi
+
+  echo -n "Importing packagecloud gpg key... "
+  # import the gpg key
+  curl -L "${gpg_key_url}" 2> /dev/null | apt-key add - &>/dev/null
+  echo "done."
+
+  echo -n "Running apt-get update... "
+  # update apt on this system
+  apt-get update &> /dev/null
+  echo "done."
+
+  echo
+  echo "The repository is setup! You can now install packages."
+}
+
+main
+