diff --git a/hosts/zora/default.nix b/hosts/zora/default.nix index 2d2be94..4a85520 100644 --- a/hosts/zora/default.nix +++ b/hosts/zora/default.nix @@ -22,6 +22,7 @@ ../../modules/server/nayru ../../modules/server/kalif ../../modules/server/maistro + ../../modules/server/biggoron # disko.nixosModules.disko agenix.nixosModules.default diff --git a/hosts/zora/reverse-proxy.nix b/hosts/zora/reverse-proxy.nix index d6aeb16..2cae76f 100644 --- a/hosts/zora/reverse-proxy.nix +++ b/hosts/zora/reverse-proxy.nix @@ -50,6 +50,15 @@ proxyWebsockets = true; }; }; + # 44303 + "git.lyes.eu" = { + forceSSL = true; + enableACME = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; + }; # 9980 "collabora.lyes.eu" = { diff --git a/modules/server/biggoron/default.nix b/modules/server/biggoron/default.nix new file mode 100644 index 0000000..407495e --- /dev/null +++ b/modules/server/biggoron/default.nix 
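Review bot: The new `git.lyes.eu` vhost sets only `proxyPass` on `locations."/"`, so unless `services.nginx.recommendedProxySettings` is enabled outside this hunk, Forgejo gets no `X-Forwarded-For`/`X-Real-IP`. Every request, including failed sign-ins, would then be logged as coming from localhost, which weakens audit trails and any per-IP limiting. If the option is not already set globally, add `recommendedProxySettings = true;` to that location. The `# 44303` comment also restates a port that the `proxyPass` line already derives from `config.services.forgejo.settings.server.HTTP_PORT`, so it will go stale if the port changes. The enclosing `virtualHosts` set starts and ends outside the hunk.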
@@ -0,0 +1,88 @@
+{ lib, config, ... }:
+let
+ cfg = config.services.forgejo;
+ srv = cfg.settings.server;
+in
+{
+ services.openssh = {
+ ports = [
+ 22
+ 2222
+ ];
+ settings.AcceptEnv = "GIT_PROTOCOL";
+ };
+
+ services.forgejo = {
+ enable = true;
+
+ database = {
+ type = "postgres";
+ user = "biggoron";
+ name = "biggoron";
+ passwordFile = config.age.secrets.biggoron-db-pass.path;
+ };
+
+ # Enable support for Git Large File Storage
+ lfs.enable = true;
+
+ settings = {
+ server = {
+ DOMAIN = "git.lyes.eu";
+ # You need to specify this to remove the port from URLs in the web UI.
+ ROOT_URL = "https://${srv.DOMAIN}/";
+ HTTP_PORT = 44303;
+ SSH_PORT = 2222;
+ };
+
+ # You can temporarily allow registration to create an admin user.
+ service.DISABLE_REGISTRATION = true;
+
+ # Add support for actions, based on act: https://github.com/nektos/act
+ actions = {
+ ENABLED = true;
+ DEFAULT_ACTIONS_URL = "github";
+ };
+
+ # Sending emails is completely optional
+ # You can send a test email from the web UI at:
+ # Profile Picture > Site Administration > Configuration > Mailer Configuration
+ mailer = {
+ ENABLED = true;
+ PROTOCOL = "sendmail";
+ # SMTP_ADDR = "taf.lyes.eu";
+ # FROM = "noreply@${srv.DOMAIN}";
+ # USER = "noreply@${srv.DOMAIN}";
+ };
+
+ # oauth2_client = {
+ # REGISTER_EMAIL_CONFIRM = true;
+ # USERNAME = ;
+ # };
+ };
+
+ secrets = {
+ # mailer.PASSWD = config.age.secrets.forgejo-mailer-password.path;
+ };
+ };
+
+ systemd.services.forgejo.preStart = let
+ adminCmd = "${lib.getExe cfg.package} admin user";
+ pwd = config.age.secrets.biggoron-admin-pass;
+ user = "biggoron-admin";
+ in ''
+ ${adminCmd} create --admin --email "root@localhost" --username ${user} --password "$(tr -d '\n' < ${pwd.path})" || true
+ ## uncomment this line to change an admin user which was already created
+ # ${adminCmd} change-password --username ${user} --password "$(tr -d '\n' < ${pwd.path})" || true
+ '';
+
+ age.secrets.biggoron-db-pass = {
+ file = 
../../../secrets/zora/services/biggoron-db-pass.age; + mode = "400"; + owner = "forgejo"; + }; + + age.secrets.biggoron-admin-pass = { + file = ../../../secrets/zora/services/biggoron-admin-pass.age; + owner = "forgejo"; + }; +} diff --git a/secrets.nix b/secrets.nix index a74b6bf..2549bcc 100644 --- a/secrets.nix +++ b/secrets.nix @@ -19,4 +19,6 @@ in "secrets/zora/services/baba-admin-pass.age".publicKeys = all; "secrets/zora/services/nayru-conf.age".publicKeys = all; "secrets/zora/services/kalif-conf.age".publicKeys = all; + "secrets/zora/services/biggoron-db-pass.age".publicKeys = all; + "secrets/zora/services/biggoron-admin-pass.age".publicKeys = all; } diff --git a/secrets/zora/services/biggoron-admin-pass.age b/secrets/zora/services/biggoron-admin-pass.age new file mode 100644 index 0000000..dd96706 --- /dev/null +++ b/secrets/zora/services/biggoron-admin-pass.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 whuRpQ P68G0JmaYc5nhGKwEniDK2LKm4HoycvpwqiBpFk2L2g +fc0q/oJ62WE/scr3B1GugO23aZdQVIidNcGOjF+Bcuk +-> ssh-ed25519 TFqgIg iRBnxyUvUSqwqg9D5uEF8gAz8rsi7UAp8/2EMdpgoR4 +7cnFpewmqfCyZmES3wl8ZLtp+ZTQ78wkM/hnWULqZjI +--- gCUl3rfwNHkXbV3Dl6wabG1ADLpOsYveOJjvoTd/bvk ++pdWL}` z S9`g _0YW=gt+\to% \ No newline at end of file diff --git a/secrets/zora/services/biggoron-db-pass.age b/secrets/zora/services/biggoron-db-pass.age new file mode 100644 index 0000000..2b7b5f3 --- /dev/null +++ b/secrets/zora/services/biggoron-db-pass.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 whuRpQ oPvyRnkciZAWcJ77/nE2poQA4bbqhq/qxMIrO91BVD0 +bcWoQO6zcAa2vnh0/CO7vUiS+r2NXIAJzQRf1RuL6Oc +-> ssh-ed25519 TFqgIg LhYaU7CdeiqoT9Gya3ClSermmLCxcRiEw32KMekknGM +TMWCpK/SptahaWKvC7z2+0Z+jqt3uB0XlqwX9CrapKw +--- adNmPtRtkeuyUw3HVal8a3/V7gZZ3fTNbyi7Vj/rsw8 +yG_)kĦmrwcVk ,uZPE!f-GZuB[ +6i5Yɮ~Ȣ͗2;9$λ \a8(\ïM.gvO=}dp­vPNUZ?@y9\C6U'H \ No newline at end of file
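Review bot: In modules/server/biggoron/default.nix, the `server` block sets `HTTP_PORT = 44303` but no `HTTP_ADDR`, so Forgejo will presumably listen for plain HTTP on every interface, and the TLS vhost is the only entry point only if the firewall keeps that port closed. Adding `HTTP_ADDR = "127.0.0.1";` next to `HTTP_PORT` pins it behind nginx. In `preStart`, the admin password is expanded into the arguments of `admin user create`, where other local users can read it from the process list while the command runs, and `|| true` discards every failure, not only "user already exists". A comment such as `# password is visible in argv while this runs; rotate it after first login` would record that, and the exit status should be logged rather than dropped. `biggoron-admin-pass` also omits the `mode = "400";` that `biggoron-db-pass` sets, and stating it on both keeps the two declarations consistent.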