diff --git a/modules/server/default.nix b/modules/server/default.nix
index e41b400..7b1f735 100644
--- a/modules/server/default.nix
+++ b/modules/server/default.nix
@@ -14,10 +14,12 @@ with lib; {
     smailserver.enable = mkEnableOption "Set up simple mail server";
     unbound.enable = mkEnableOption "Set unbound dns up";
     grocy.enable = mkEnableOption "Set up grocy";
+    gitea.enable = mkEnableOption "Set up gitea";
   };
 
   imports = [
     ./acme.nix
+    ./gitea.nix
     ./grocy.nix
     ./nextcloud.nix
     ./nginx.nix
diff --git a/modules/server/gitea.nix b/modules/server/gitea.nix
new file mode 100644
index 0000000..7fe8f44
--- /dev/null
+++ b/modules/server/gitea.nix
@@ -0,0 +1,29 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+with lib; {
+  config = let
+    cfg = config.elss.server.gitea;
+  in
+    mkIf cfg.enable {
+      services.nginx.virtualHosts."git.ellmauthaler.net" = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/" = {
+          proxyPass = "http://localhost:3001";
+        };
+      };
+
+      services.gitea = {
+        enable = true;
+        appName = "gitea: ellmauthaler.net gitea service";
+        database = {
+          type = "postgres";
+          host = "/run/posgresql";
+        };
+      };
+    };
+}
diff --git a/modules/server/sql.nix b/modules/server/sql.nix
index abea98e..7b4de94 100644
--- a/modules/server/sql.nix
+++ b/modules/server/sql.nix
@@ -19,6 +19,12 @@ with lib; {
             ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
           }
         ];
+        authentication = ''
+          local gitea all ident map=gitea-users
+        '';
+        identMap = ''
+          gitea-users gitea gitea
+        '';
       };
     };
 }