diff --git a/hosts/common/default.nix b/hosts/common/default.nix
index be00ae7..b35d011 100644
--- a/hosts/common/default.nix
+++ b/hosts/common/default.nix
@@ -9,7 +9,5 @@
     neovim
     git
     sops
-    just
-    htop
   ];
 }
diff --git a/hosts/lab/default.nix b/hosts/lab/default.nix
index 07a547b..d409671 100644
--- a/hosts/lab/default.nix
+++ b/hosts/lab/default.nix
@@ -12,14 +12,13 @@
 
   services.openssh = {
     enable = true;
-    ports = [ 4200 ];
     settings = {
       PasswordAuthentication = false;
       PermitRootLogin = "no";
     };
   };
 
-  networking.firewall.allowedTCPPorts = [ 80 443 4200 ];
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
 
   users.users.lew = {
     isNormalUser = true;
diff --git a/hosts/lab/forgejo.nix b/hosts/lab/forgejo.nix
index 1fcf379..d301eee 100644
--- a/hosts/lab/forgejo.nix
+++ b/hosts/lab/forgejo.nix
@@ -12,34 +12,26 @@ in
   services.caddy.virtualHosts."git.ily.rs" = {
     extraConfig = ''
       reverse_proxy localhost:${toString srv.HTTP_PORT}
-      encode zstd gzip
     '';
   };
 
   services.forgejo = {
     enable = true;
-    database.type = "sqlite3";
     lfs.enable = true;
     settings = {
       server = {
         DOMAIN = "git.ily.rs";
         ROOT_URL = "https://git.ily.rs/";
         HTTP_PORT = 3000;
-        SSH_DOMAIN = "git.ily.rs";
         START_SSH_SERVER = true;
-        SSH_PORT = 4201;
-        SSH_LISTEN_PORT = 4201;
-        DISABLE_HTTP_GIT = true;
-      };
-      service = {
-        DISABLE_REGISTRATION = true;
-        REQUIRE_SIGNIN_VIEW = false;
+        SSH_PORT = 2222;
+        SSH_LISTEN_PORT = 2222;
       };
+      service.DISABLE_REGISTRATION = true;
     };
   };
 
-
-  networking.firewall.allowedTCPPorts = [ 4201 ];
+  networking.firewall.allowedTCPPorts = [ 2222 ];
 
   systemd.services.forgejo.preStart = let
     adminCmd = "${lib.getExe cfg.package} admin user";