diff --git a/secrets/keys/nixremote.age b/secrets/keys/nixremote.age
index 36322c0..b8b4073 100644
Binary files a/secrets/keys/nixremote.age and b/secrets/keys/nixremote.age differ
diff --git a/secrets/keys/nixservepriv.age b/secrets/keys/nixservepriv.age
index 05f93cb..20ef431 100644
--- a/secrets/keys/nixservepriv.age
+++ b/secrets/keys/nixservepriv.age
@@ -1,27 +1,23 @@
 age-encryption.org/v1
--> ssh-ed25519 Xp6AuQ 6zWeAuAxt6YI5JdPep5QqfWfTRWJi3T49vb75URi8SY
-IjcXC5MKPYGErpGhpeHMcgaugrVHyFg3z6TN0vhvGH8
+-> ssh-ed25519 Xp6AuQ LgGsSor/ZbkyAv/ShGKifeiEdjL8dsQVgpJJEuOBgSY
+YdMAQh0eWd4MNGV+5r5gsdID53Mcry0Ee3PpTYNH7/I
 -> ssh-rsa VtjGpQ
-Ii3fw9b5i1T5fJL+3PXczo5EW1iE/Jp/pEQ8qpCUc+9dX6n/x6uz8IblSVYWNQnc
-0TPAmvZlXN9zAL9yL9fIsZDK0ZF9GoSlHVYt+OM+NMeNBqqkpue8jgSLd6RFO5vH
-ReSO605+latKouNHS/g4qg0XPE5AZrRRGL/UFRS890ZrMFvQfyB5NARrWrtl6O9C
-jugBjgVXRJvp62Ky1qfTYHSSs9C7Ckxl84DlMHfVMx4i00VA7JA8dg2wUJE00VZW
-LmYNQ0EOfO+BBeBrY1rFg+phBmnpZKGoIV1GVio0dA5cOAVYslSwin+jeGAvsqz7
-+7rJtSx/4IlRFfAy47jrT6tIaBW04iVAJN3UXqKcIR4ULUUL5295jNHzgUzzcBCC
-q52pzFsT3VcTvzOfcHBMxkHIeWXznqWe06qrtPnzz2PknBJ4VSlw6kObX25VZqn6
-tsKFB7qXON9zKH5iB80N1KkG7fc+8geMJP8ZG3rk/49Bj4gczVwUuMDaGKqAZ0rH
-hGYTuQPxE0xS38maxMl+KH3hwYACJYWhpLqSEDFmNFhmK2QgMeCryZGn8+j+qmr6
-TTuSFym1cSnlhA9e8B3WmLqoibkOl17N0dj6D/nUPdZQ9BHujDPnt9Ghjm1Y9Jg1
-yE4Fk6Jg8aS3+pwQMOLgEY9x3jTWdouco4Kgy+f7yoM
--> piv-p256 grR75w A/5q4DtKLFiSs1sURKgDw9rnUetNPyjIKefB/VZN9tcD
-xsd3JeqDR8GiH/dBe/zkobnhCQFZ5vxuRVf+fgWavt4
--> piv-p256 RQguQQ Au3E8BcyQy9WvSwo89K/y1mQNu1YR+aXa/om3rYzyYoe
-ka0MIRZiyEwhEGlF4dRUyU/lUkz1yJLzi4gla+6T6i4
--> 93`-grease uYKu~(\x b ,k k`N
-eu7veI1qvOSizB6N8yf4G4YK1qwo8R4+j/JZrKK9EGndICKyJ0r7VX4jzfZuxPfz
-EIUoI5j1Ze6JGz4Sveq2+TARFXFjOiVyhNR0JXBJ60TEtjj7sddZgEluuJSQqODv
-
---- JbSd2VGwQKDJil/9g4vfQonVymxogwnOeKY6I/55RfE
-ÈNx¡¤GÛ5_ùFÆ!§˜kFÍ×·Óá
-QÿV(í¦ƒ‰nù[ñthI®Ä'%	Î‘œÞÔoSQÑë†]ô±DD'Zâá¯¹/i1éø./'¹ámžüˆ
-lÖÚ¾mY|”fÙ†OÃéÝƒšÎèq?Ì¬¾“°Ãa¶äò€SCÿt^†™Ó•
\ No newline at end of file
+RqBn6P+r+jtvEYTXclcDdKYFOqpZcZWQQv/zw9UzSPc9lO/0YPSUZOrfMP57pwXz
+klkfO5DPV6ddWz/dtMvG+N/YhOh+tBHIhMT7wbIwtjB5gLZB6M9a5GL8PNP595tC
+W69GTL8BozDCV+8ulHfqB6OWmspCLBk5Gaa1ZLxfR8EWO8UQuzc4u52+BTPzBgO4
+w/R3MdCB+9zLPyKpWFeLuPzv6aI6iCFpD4tckjc/9GMbj+qQK60zqay87t4sxOOT
+0nFkibHsMCsFezc0hB2d5cCLBWiMX2amAM7J4sUpcNgKnqKCdnFaAMQ+g8iipFo6
+yXhnpCxuVgEMRuEvKO/uODYKdYnNYyNAWI2EznOQEUDcmfxFwTGNNQdNSgyXbDBh
+KSVvWXF9b0oyZDtZOUZpPhkQ+vvWNJ3MU7CktKYuoUKiJuWFmIWjcLW3mNhG9mHa
+E7jsjyu23OCd1o1wl6+NrWagVrp49IiiMnpYY3crIK1XxYunbF9D0G6aJ5DgwFbk
+27PqroEHMElmKtNXUlt9IZilzdsh3VywXEwDcGOWXFdF40ff1r5nZdeBqV3swgQf
+J3N2IWAcz44+Z0TCa69yGToCP0PWvqDL6le8+KF/VuYyVZXNjL9P3SGGaanYYq8/
+LoV3GcsluEmGww3KEo8e3TyZ3Y4vUSmgsFYdTIRmzXc
+-> piv-p256 grR75w AgrW9qYP4a7P0f3X2NApXEeNycYzpPOMXOMR1ymNS7x3
+yIBqnjV0+5qz39Eayqydi7ele1+nYQreR2BKXOH+fDA
+-> piv-p256 RQguQQ AtehYCJa7xyNSkv5wmAcwJM8qYRA5zYVV26IPBQNLvQc
++TC+h2vToouW/1TyezynPeTAoUHJEQ6zpIcSEHlvzNc
+-> )VQ-grease o \HWt
+MMT5QK/bpCWUjwREPbOgteRojuNr9t5xwez78ZACr62bDxJWr0w
+--- 63K8UqiFb7TGh1crrISnw13s72DhKzmTUksaSriVEYw
+î% m“–#Ä¢]C+ÁôQQð¶ZÌZœzõ½ÃÜŽçb„B~Ã˜u|Fè?Ç–—éev]Ãd¨-QGÈYEä’Ÿ´rÜø"q½%êÁXS=ÀP.çÑÕF(`¸5EÞ®î¥úo©CF)œžþ‡°;>I·èïù©…cï=
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 1e43962..e9e7f1c 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -18,12 +18,14 @@ let
       yubia
   ];
 
-  dmz = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwN8p78OncPIRUfV64PLHOem4LtlQ3opOJwLEYqdGVx";
+  server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwN8p78OncPIRUfV64PLHOem4LtlQ3opOJwLEYqdGVx";
+  dmz = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmivVLbkJJ1anwQ8CeNT7rv0Qxinp1LIQIjVWZpnIE5";
   hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgnWyQUUa+vcHAKx6edbTgqW8ph+MCiS6fUwYjYcS+o";
   nas = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPfKbeexWFg8nFEQvZCcFycrwil24c4HJxZazDQpnVNs";
   jupiter = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBQr9/TIeAd25h0gfOPjoHs6JMeye4V04LuFufbe1S/";
   steamdeck = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV8tMIza5FOB3DQhiYaS3QG67n4J0e4okCrvoxPxneA";
   systems = [ 
+      server
       dmz
       hades
       nas
@@ -31,7 +33,10 @@ let
       steamdeck
   ];
   servers = [
-      dmz
+      server
+  ];
+  dmzs = [
+    dmz
   ];
   buildClients = [
       nas
@@ -56,7 +61,7 @@ in
         "services/nextcloud/dbpassFile.age".publicKeys = servers ++ users;
         "services/gitea/databasePassword.age".publicKeys = servers ++ users;
         "services/gitea/mailerPassword.age".publicKeys = servers ++ users;
-        "services/woodpecker/environment.age".publicKeys = servers ++ users;
+        "services/gitea/runner-token.age".publicKeys = dmzs ++ users;
         "keys/nixremote.age".publicKeys = buildClients ++ users;
         "keys/nixservepriv.age".publicKeys = buildServer ++ users;
     }
diff --git a/secrets/services/coturn/static-auth.age b/secrets/services/coturn/static-auth.age
index def20b6..cd8339c 100644
Binary files a/secrets/services/coturn/static-auth.age and b/secrets/services/coturn/static-auth.age differ
diff --git a/secrets/services/gitea/databasePassword.age b/secrets/services/gitea/databasePassword.age
index 95f8bf9..1846660 100644
Binary files a/secrets/services/gitea/databasePassword.age and b/secrets/services/gitea/databasePassword.age differ
diff --git a/secrets/services/gitea/mailerPassword.age b/secrets/services/gitea/mailerPassword.age
index 6df701b..ed28559 100644
Binary files a/secrets/services/gitea/mailerPassword.age and b/secrets/services/gitea/mailerPassword.age differ
diff --git a/secrets/services/gitea/runner-token.age b/secrets/services/gitea/runner-token.age
new file mode 100644
index 0000000..51c82a3
--- /dev/null
+++ b/secrets/services/gitea/runner-token.age
@@ -0,0 +1,23 @@
+age-encryption.org/v1
+-> ssh-ed25519 jFEPfw 7GPgqr38ed2vzHtIwvpdKXlYIPtwiZN4+qjg2Nr24lA
+wu6432gsbtyuAPboG8KIAcYY0PJ+eoBsLv4TVNaW46s
+-> ssh-rsa VtjGpQ
+TkypDCoqc5bJq+9frLQ7smGWkB2NhaX9d+5n9LD6nOxis6l9zcNxkfenV1uYSprN
+mQFEpI3k6sOAhwbmj/E2cBdWOyycHbSj2twb0oC+7CWbZ1nnKdssXNk78F6WxqDc
+ixeyvCX0iRD20zbx7Seu7fcWA/DyMp21i3+o6HgHm7xFXYHEY2TFietKcQ7k/AB5
+uagAJqu9hDq0mt+FXUE8XF/2qCBjGrXe9MXJ2rRYgxTc5jpcOq7NGEWYlJRRoBU0
+gxP/56VWwznOgC+OLM/bjHIsgwE72qAMepkNQfVTn9DW0QkTweUllgfkbGy2MWE7
+mhhoj1qv7H/zba88Nqk8cBCIp5vqHYsylm4osxmGk0jDZp5YW4q4zzwEZTpFL7qO
+UfKO3u6PSBqQXsR0rqyt9N6tlLPw5HfkbsrqsiLmIdd/uHGT7YzcgsBKSlOsz82a
+/A1KpQk1t29uRZu3y1730m3JnSULp9J+u6v98JJYM45GOF7VD9W5fd3JXKbrzQU+
+FA0o4NiKO3zRumFfKMQ6Abecjr4I7Bcb3aFKlm8TuoGaMokstEzzbudZ2UBpaWHV
+VaSVRwecJy3F3b6dCoamlkUaVieMcQ0xZeanxNh5Loms7+c/3fUVPTZxI1nAZj37
+POa6dQIa9BPjn37nKe2No85m1bOxPpqy6zbrY7FT+fg
+-> piv-p256 grR75w A4VeO8R3wsQSfkbM9i4NESS/5p79EEibx+fTwkPuOPA7
+NO85JgDG1TOv2skm9U1iFDo8xiSvTZAZczkQiL7xowI
+-> piv-p256 RQguQQ ArSJyxYg05a15U9Gs3hLSt3Vpp5nnnc36ngsqJDXsH0D
+CK+RirvNcHkWcZAhhOl2sfx0yVFt+TJg2LcqMyBTdpM
+-> 'o!~-grease
+hBkhbW9+6v5C07xTiZk9hcu3Dj2FI+tijs7w9Mqm4RzkLle/RK5GDg
+--- 3dgDTPOnrGF0aaqSAiuwupTNrF49vbHY0JeSojlgZ10
+÷“¸.ÚL'›Œ‡{MDµÙÂôÜôÛ@†¤d¸*úÊI|`Ïì*ù©¥)3u¢ƒªÔZ¿˜ib‹ï-šu±îÎ‚;K¹çY-
\ No newline at end of file
diff --git a/secrets/services/matrix/mautrix-signal.age b/secrets/services/matrix/mautrix-signal.age
index bed53c5..e2f1213 100644
Binary files a/secrets/services/matrix/mautrix-signal.age and b/secrets/services/matrix/mautrix-signal.age differ
diff --git a/secrets/services/matrix/mautrix-telegram.age b/secrets/services/matrix/mautrix-telegram.age
index 562c8f4..6781aee 100644
Binary files a/secrets/services/matrix/mautrix-telegram.age and b/secrets/services/matrix/mautrix-telegram.age differ
diff --git a/secrets/services/matrix/mautrix-whatsapp.age b/secrets/services/matrix/mautrix-whatsapp.age
index bd90520..87f9756 100644
Binary files a/secrets/services/matrix/mautrix-whatsapp.age and b/secrets/services/matrix/mautrix-whatsapp.age differ
diff --git a/secrets/services/matrix/signal-registration.age b/secrets/services/matrix/signal-registration.age
index 3acfd00..d336fd4 100644
Binary files a/secrets/services/matrix/signal-registration.age and b/secrets/services/matrix/signal-registration.age differ
diff --git a/secrets/services/matrix/synapse.age b/secrets/services/matrix/synapse.age
index d0e404c..dfb519c 100644
Binary files a/secrets/services/matrix/synapse.age and b/secrets/services/matrix/synapse.age differ
diff --git a/secrets/services/matrix/telegram-registration.age b/secrets/services/matrix/telegram-registration.age
index 73b448a..97c1720 100644
Binary files a/secrets/services/matrix/telegram-registration.age and b/secrets/services/matrix/telegram-registration.age differ
diff --git a/secrets/services/matrix/whatsapp-registration.age b/secrets/services/matrix/whatsapp-registration.age
index 8af5ebc..ca26cfb 100644
Binary files a/secrets/services/matrix/whatsapp-registration.age and b/secrets/services/matrix/whatsapp-registration.age differ
diff --git a/secrets/services/nextcloud/adminpassFile.age b/secrets/services/nextcloud/adminpassFile.age
index 5605736..c13a744 100644
Binary files a/secrets/services/nextcloud/adminpassFile.age and b/secrets/services/nextcloud/adminpassFile.age differ
diff --git a/secrets/services/nextcloud/dbpassFile.age b/secrets/services/nextcloud/dbpassFile.age
index cdc47eb..8c8b73b 100644
--- a/secrets/services/nextcloud/dbpassFile.age
+++ b/secrets/services/nextcloud/dbpassFile.age
@@ -1,23 +1,23 @@
 age-encryption.org/v1
--> ssh-ed25519 neExcQ eRTtVIiKoO9AZQ9yRD4q9T/lVGSbdfS6ZgA51Ml6qXc
-w4f14e0CznYvbSUV9wH9WE4we2ZaThM1PwFrcG+6HkE
+-> ssh-ed25519 neExcQ TnOqlJWKlTHYcjKkI93gX7pU1WzUbTnk0ZDlxQ/DQlw
+4Z51QfzVwEWZLRv6o3H5lf8oRbaEPtYokj/rzrUvX8s
 -> ssh-rsa VtjGpQ
-mZxOedvPF5L7aw7JjqAAUNfvjcHrl6w/75qkOgCXzcZh3EzcG+IuIUE8kYwBt/I/
-GxCb3/97fPt1sJfvosytyD0tlv2+Jw+N+PHHroYaoWEGnYbG1YFDuvnRu4viJXyi
-1DEVT50mn9SrBW3fKGRqajoSkeCMCn6QmVC07/ULB5GnxU2Pn8LspgV7CLOuCPOK
-PtBYJFOmP/HqgX6YNo3hQ2YzQMeqXepRhD/ph/o53j5FdVBznR1LCcjKm7/XyyCp
-VLp+J+7tjlIDoby/3OoDTEs5hq0+TXa/GbR4Lka80YJOeHcmR/YTD4ZZTo+Ia1cV
-/DZU08WqvF22Cl3hIpeEH6pzmsQOrMhuKrAOHb0pZV5WdToL9BAHqMljSdVWRnjs
-6w1eLs1zaFTMuW0p+1oWsENrnP3ZrmTZFgBt2Mh6caz8J8gIcVnwoHiNnb7YqHL+
-3eljflFx0RFuZT0ElRChleex4CpVaYMyJK4A48w7ZCyozZU5Bw3zB75zBhC175RU
-mk+nYdgZk9N3RaGq1LPmvQyT+MlPm7mNm8i890waKAt5/aHRJWm93rR8U6pdDvoo
-m/Tvy2GUsijPKf0aslQbythORklVbd8oCdAEriVytTvMBgVVFILELZgfkC1Xshus
-fOshVaW6SzzjFo05bMag+Jy0xvssNsAtYXASNpppU1Y
--> piv-p256 grR75w AplHuSHuZrF5Css3ni2ERR1BzgwXyRJvx6IYTfGlyqwN
-cSdgdziCAqF0g+md3SccEYdXr2ToWjkgFsgELD1+9ok
--> piv-p256 RQguQQ ArMD6UvO+SpTynXaYhu0/R3wv9vr+H9ItjJ6745tCldl
-V1+uCejnDgUA6Nul0Ep6p9ZfmxTWxPQI+FCAXpjvDoQ
--> )-grease
-GkM9VaOPQsWVdWXolVrlPay6CQ
---- 73KeTR/c+AeTO+DQo7gjDD0QIen4hYCcnPG6b3hlUQg
-WšuµeKpç”éŽ>•f©·Õ–âåÇMÒ iAZ”Õ£/¾:…â·Ï«Axm2¶Òœ)²©S…B
\ No newline at end of file
+StqKhCul2zY2ktLQGjMzwZVp5vNajGoSfx/RFje3mgtL1NfInabAJ+dFveiEEq8H
+uhXBvufZdBRdpU859MDirkLQjzh22Fc90L2OZQIdsyi+V+VrDmgLl2Qj0SKVZ5/Y
+kB+fXvgzDqeDzRqritxy7MxEL2dW8XGjRcb0td3Rg+/x6v2WM3ZmxJUrEJGboCSF
+6q51TO0bAvnwcEeKtcdbFjIqhQraIFPj8DaAorAmotp+NNi6tRhIzO7aR4Hdk7eH
+Q12QRGOgBTPZJd9m6gQEV0rixhh6mQ5Whs2PfFlQVwnIjaGh1DDXHlbIqHGH9s4V
+Dx4Dv0XqLHxy8+HTvKIzE438gYC9C6PGpO20PHC8vE3FLU+cm/tA5enKKDnCOU/J
+A3e8lj7Fiko5m9k2GXPqMCtvIRNCxBUxntcDL2RhUTKK4uEALoaeA3Xw3htITFrJ
+aqep3Of9XWfkuZtxTVzeTzf2T5g+Q4LjHBHgpINuprW5+nTU8YP3+HEzbNwSpGVf
+N7XSz7L04uvPc98ZHqcuIo8B1QHI/d5M46HNrT/Z2zCPxCQ/eOEkkrwJkeY/voFY
+c9OCyM2GRBD7CFhicWrasHSxSHRtDLznqyX6NKAUHwIuwjtLohPErbQTV0vh0G+F
+YL82v7QJeDnOZYoGzdQFrvWcKcJY0bWt7GOLx9oqu68
+-> piv-p256 grR75w AyXIgGxLpkrcKe6PJwkxfchvTuT0w36Za++hSO4Zvy1A
+lCZ6j1xYTyBPRyOgmAv7uFMBTHRFrkVPcTXgoOW2FDY
+-> piv-p256 RQguQQ A3hwwpWy5jxYbBNaQ16DgZUjTvB8xVrfk1EYpIj/iQYG
+8OLSxsrs2Q5dxtSjNj2RNpfjNvosB064UUW5oQ3veUw
+-> ~y6!%p-grease lz07kqJH
+CXHrusViKg4
+--- 2ZGjhpfYnZGZV7Q7nSIQEmiGZBg3bGzZG+UOs1RMN0U
+K§EÔD¨A„¿°‚ZqiSx²|¨05ZÏ€*K¨öt1¸›(ë†HWý—j,à×:,ÁüàkwÂ»æ
\ No newline at end of file
diff --git a/secrets/services/postgresql/initScript.age b/secrets/services/postgresql/initScript.age
index 543394d..ff4c446 100644
Binary files a/secrets/services/postgresql/initScript.age and b/secrets/services/postgresql/initScript.age differ