diff --git a/system-modules/nx2site/gitea.nix b/system-modules/nx2site/gitea.nix
index df41284..9226f4f 100644
--- a/system-modules/nx2site/gitea.nix
+++ b/system-modules/nx2site/gitea.nix
@@ -5,9 +5,6 @@ let git-user = "git"; in
     "postgres-pw" = { owner = config.services.gitea.user; };
   };
 
-  environment.systemPackages = with pkgs; [
-    gitea
-  ];
   users = {
     users = {
       "${user}".extraGroups = [ git-user ];
@@ -33,8 +30,8 @@ let git-user = "git"; in
     # camoHmacKeyFile = ;
     database = {
       createDatabase = false; # default
-      host = "127.0.0.1"; # default
-      port = 5432;
+      host = config.services.postgresql.settings.listen_addresses;
+      port = config.services.postgresql.settings.port;
       passwordFile = config.sops.secrets."postgres-pw".path;
       socket = null;
       type = "postgres";
@@ -66,12 +63,12 @@ let git-user = "git"; in
         START_SSH_SERVER = false; # default
         SSH_LISTEN_HOST = "0.0.0.0";
         SSH_PORT = secrets.ssh.port;
-        DOMAIN = "pw.${domain}";
+        DOMAIN = "git.${domain}";
         SSH_DOMAIN = "ssh.${domain}";
         # HTTP_ADDR = "${config.services.gitea.settings.server.DOMAIN}";
         # HTTP_PORT = 3000; # default
         # PROTOCOL = "http"; # default
-        # ROOT_URL = "https:pw.${domain}/"; # default
+        ROOT_URL = "https://git.${domain}/"; # default
       };
       session = {
         COOKIE_SECURE = true;
@@ -79,6 +76,31 @@ let git-user = "git"; in
       service = {
         DISABLE_REGISTRATION = true;
       };
+      ui = {
+        DEFAULT_THEME = "pitchblack";
+        THEMES = "gitea,arc-green,pitchblack";
+      };
     };
   };
+  system.activationScripts = let
+    # theme = pkgs.fetchFromGitHub {
+    #   owner = "unixtensor";
+    #   repo = "Gitea-Pitch-Black";
+    #   rev = "v1.15.X.2";
+    #   hash = "sha256-Eibgoc3BJUXWdq8irgXea09fAvfKx2eQrJotp3P5DTg=";
+    # };
+    theme = pkgs.fetchFromGitea {
+      domain = "git.${domain}";
+      owner = "nx2";
+      repo = "Gitea-Pitch-Black";
+      rev = "0.1.0";
+      hash = "sha256-pU4YhgcPOT3PTcmBTjNE3FcyJgl39JGP41ckhRUKN7Y=";
+    };
+  in {
+    "gitea-theme" = /* bash */ ''
+      mkdir -p ${config.services.gitea.stateDir}/custom/public/assets/css/
+      ln -s ${theme}/theme-pitchblack.css ${config.services.gitea.stateDir}/custom/public/assets/css/theme-pitchblack.css
+      chown -R ${git-user}:${git-user} ${config.services.gitea.stateDir}/custom/ 
+    '';
+  };
 }
diff --git a/system-modules/postgres.nix b/system-modules/postgres.nix
index b86a5cf..48aac0c 100644
--- a/system-modules/postgres.nix
+++ b/system-modules/postgres.nix
@@ -27,7 +27,7 @@
 			];
 			settings = {
 				port = 5432; # default
-				listen_addresses = "localhost";
+				listen_addresses = lib.mkForce "127.0.0.1";
 				log_line_prefix = "[%p] "; # default
 				shared_preload_libraries = [ ]; # default
 			};