For anyone else who runs into this. I had to add

 - name: Set up Docker Buildx
    uses: docker/setup-buildx-action@v3
    with:
      driver-opts: image=moby/buildkit:latest
      install: true
      network: host
      buildkitd-config-inline: |
        [registry."<ip>:<port>"]
          http = true
          insecure = true

to the yaml in the build step. I tried using the toml files for this but that doesn't work as gitea runner does not have access to the filesystem same way even though the container of the runner has access to the toml files. Bonus tip: once this started working, I was able to pull from the registry in portainer by setting up the /etc/docker/daemon.json to insecure the registry. Also discovered the repull & deploy based on a webhook in portainer which is simply a POST request. Integrating this into my gitea action is magical and works.