diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index 85925b1..1e4ab54 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -28,6 +28,7 @@
     ./programs/deluge.nix
     ./programs/prosody.nix
     ./programs/yggdrasil.nix
+    ./programs/forgejo.nix
 
     ./monitoring/grafana.nix
     ./monitoring/prometheus.nix
diff --git a/nixos/databases/postgres.nix b/nixos/databases/postgres.nix
index 47fbe98..fa5477b 100644
--- a/nixos/databases/postgres.nix
+++ b/nixos/databases/postgres.nix
@@ -14,6 +14,7 @@
       "prosody"
       "grafana"
       "postgres-exporter"
+      "forgejo"
     ];
     ensureUsers = [
       {
@@ -66,6 +67,11 @@
         ensureDBOwnership = true;
         ensureClauses.login = true;
       }
+      {
+        name = "forgejo";
+        ensureDBOwnership = true;
+        ensureClauses.login = true;
+      }
     ];
     identMap = ''
        # ArbitraryMapName systemUser DBUser
diff --git a/nixos/programs/forgejo.nix b/nixos/programs/forgejo.nix
new file mode 100644
index 0000000..8094b24
--- /dev/null
+++ b/nixos/programs/forgejo.nix
@@ -0,0 +1,34 @@
+{ config, ... }:
+{
+  services.forgejo = {
+    enable = true;
+    settings = {
+      session.COOKIE_SECURE = true;
+      server = {
+        ROOT_URL = "https://git.comfycamp.space";
+        PROTOCOL = "http+unix";
+        DOMAIN = "git.comfycamp.space";
+      };
+      log.LEVEL = "Warn";
+      mailer = {
+        ENABLED = true;
+        PROTOCOL = "smtps";
+        SMTP_ADDR = "comfycamp.space";
+        SMTP_PORT = 465;
+        USER = "forgejo@comfycamp.space";
+      };
+    };
+    mailerPasswordFile = "/var/lib/secrets/forgejo/mail.txt";
+    database = {
+      type = "postgres";
+      socket = "/run/postgresql";
+    };
+  };
+  services.nginx.virtualHosts."git.comfycamp.space" = {
+    useACMEHost = "comfycamp.space";
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://unix:${config.services.forgejo.settings.server.HTTP_ADDR}";
+    };
+  };
+}