diff --git a/secrets/default.nix b/secrets/default.nix
index 2e96df6..b04140e 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -33,5 +33,9 @@ in {
       file = ./zitadel-key.age;
       owner = abstrServiceUser "zitadel";
     };
+    forgejo-mailpass = mkIf server {
+      file = ./forgejo-mailpass.age;
+      owner = abstrServiceUser "forgejo";
+    };
   };
 }
diff --git a/secrets/forgejo-mailpass.age b/secrets/forgejo-mailpass.age
new file mode 100644
index 0000000..eed7f49
--- /dev/null
+++ b/secrets/forgejo-mailpass.age
@@ -0,0 +1,15 @@
+age-encryption.org/v1
+-> ssh-ed25519 GQzYWA j5yj1cq9FbYSW767zObF4RbJ7Jhx0818BryvWGWwnSw
+LelnyL/SIat9BKl4hsz0n6rl8xPgchk+nQmfb1xkXkU
+-> ssh-ed25519 MfR7VA sVGSrPd10dOdnDNROMGW1gLuczlVwMLpymgx6+cCJRE
+8vf0ubRiRUWfc6Mgt0bNq99SgrY4pYJ0f4BHVRn+lYU
+-> ssh-ed25519 +cvRTg VK4bHTmw+Oz7JLdP0zEbfKTjNUBtVxcbHX4zyZrQxx4
+1BjqL4TuNJO8VH9c2MT24ZlGz8ifniUZaK4AkK4VjM4
+-> ssh-ed25519 WCPLrA lD5KmpPXdvmTGMXMhye/ivnkbb0+XRCpUA4i6JBsK2w
+0LKCxV8vSewkNOLJa+xEZp4w+qIRAVezv37g6hExpb0
+-> ssh-ed25519 7/ziYw Yq6qqosp/yOekCO7NBpNTJQVv8NciaSLiDFNuLaOjyA
+8Joor9/H+ExdOQBavTMH13SI9MZgBKQQA2HPxKAF9uU
+-> ssh-ed25519 VQy60Q /+R2djdRbYoWq1GzMFSj+gwXGf085axPJHOa0tIeFTs
+dBVQQ7yucfpbmeR82Fp6MR1/IiQun3bqNVCm9qegL2g
+--- fHjHEH5JtSZnKnJFC/KDQELHDwVsExA5aeuKN7DvL1M
+ªóAHñæ¥?Û'‰ah·Ç’·¹âÂPñ>"/Þy†ûR¯Æ„!–I—=Æ¾G4äÙº^iXÄ}a:
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 5f4df5c..9caab40 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -20,4 +20,5 @@ in {
   "matrix-registration.age".publicKeys = keys;
   "mail-admin.age".publicKeys = keys;
   "zitadel-key.age".publicKeys = keys;
+  "forgejo-mailpass.age".publicKeys = keys;
 }
diff --git a/system/server/forgejo.nix b/system/server/forgejo.nix
index 9d93e8a..9560944 100644
--- a/system/server/forgejo.nix
+++ b/system/server/forgejo.nix
@@ -27,13 +27,31 @@ in {
             HTTP_PORT = 9004;
           };
           service = {
-            DISABLE_REGISTRATION = true;
-            EnableInternalSignIn = false;
+            ENABLE_INTERNAL_SIGNIN = false;
+            # DISABLE_REGISTRATION = true;
+            ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
+          };
+          oauth2_client = {
+            ENABLE_AUTO_REGISTRATION = true;
+          };
+          "ui.meta" = {
+            AUTHOR = "JSW Git";
+            DESCRIPTION = "Personal GIT-Forgejo instance.";
           };
           actions = {
             ENABLED = true;
             DEFAULT_ACTIONS_URL = "github";
           };
+          mailer = {
+            ENABLED = true;
+            SUBJECT_PREFIX = "JSWGit";
+            PROTOCOL = "smtps";
+            SMTP_ADDR = "mail.jsw.tf";
+            SMTP_PORT = 465;
+            FROM = "git@jsw.tf";
+            USER = "git";
+            PASSWD_URI = "file:${config.age.secrets.forgejo-mailpass.path}";
+          };
         };
       };
     };