diff --git a/flake.lock b/flake.lock
index 99daf69..919ba0a 100644
--- a/flake.lock
+++ b/flake.lock
@@ -37,11 +37,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1740503809,
-        "narHash": "sha256-0YkoChw8kl0rzm0JQyAFl+R9ER2MO0tyLIoomW2QKGU=",
+        "lastModified": 1741036339,
+        "narHash": "sha256-hiDphf+kq7epaGyvaLEq/ZpAcAshFg6I0FUSrwGbcV4=",
         "owner": "uku3lig",
         "repo": "api-rs",
-        "rev": "3bf5d83c5d2513bfb9eeae2f30eed0201700de68",
+        "rev": "2fbbfaf09bc8d124f08c12aceb5192835bde9726",
         "type": "github"
       },
       "original": {
@@ -72,11 +72,11 @@
     },
     "crane": {
       "locked": {
-        "lastModified": 1739936662,
-        "narHash": "sha256-x4syUjNUuRblR07nDPeLDP7DpphaBVbUaSoeZkFbGSk=",
+        "lastModified": 1741021986,
+        "narHash": "sha256-VX8M6arxQU05mipDmLjk0TJVRNzu+VQx3w1gVmyPkO4=",
         "owner": "ipetkov",
         "repo": "crane",
-        "rev": "19de14aaeb869287647d9461cbd389187d8ecdb7",
+        "rev": "5245473d6638a96da540e44372da96eebb97735a",
         "type": "github"
       },
       "original": {
@@ -161,11 +161,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1740440383,
-        "narHash": "sha256-w8ixbqOGrVWMQZFFs4uAwZpuwuGMzFoKjocMFxTR5Ts=",
+        "lastModified": 1741001137,
+        "narHash": "sha256-XxWib5eI3rgMPA4VzDHOx89WT76IN/ZNb+votz5gakw=",
         "owner": "nix-community",
         "repo": "lanzaboote",
-        "rev": "6321bc060d757c137c1fbae2057c7e941483878f",
+        "rev": "cc9786aa8158437facead0d8e21ac0c03be91dc8",
         "type": "github"
       },
       "original": {
@@ -183,11 +183,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1740729726,
-        "narHash": "sha256-GBY2DEmECAI2DYOM+kIaBWhO8csb0NX1QPoArlesz9U=",
+        "lastModified": 1740988925,
+        "narHash": "sha256-v27A+gS2u1Y1O6t4ljUduZFVoFE7lg6J08k9zoMNwo4=",
         "owner": "soopyc",
         "repo": "mystia",
-        "rev": "cf75659d74d34496005ee207d760beded1ff2781",
+        "rev": "66eace36b797e354c0a153a9ee727dee198ecf1b",
         "type": "github"
       },
       "original": {
@@ -219,11 +219,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1740828860,
-        "narHash": "sha256-cjbHI+zUzK5CPsQZqMhE3npTyYFt9tJ3+ohcfaOF/WM=",
+        "lastModified": 1741010256,
+        "narHash": "sha256-WZNlK/KX7Sni0RyqLSqLPbK8k08Kq7H7RijPJbq9KHM=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "303bd8071377433a2d8f76e684ec773d70c5b642",
+        "rev": "ba487dbc9d04e0634c64e3b1f0d25839a0a68246",
         "type": "github"
       },
       "original": {
@@ -258,11 +258,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1731897198,
-        "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=",
+        "lastModified": 1740364262,
+        "narHash": "sha256-X5EtT29uEtXN2E4bDiDU2HGBdmFHjHf1KbP6iKP0cmg=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5",
+        "rev": "7c5892ad87b90d72668964975eebd4e174ff6204",
         "type": "github"
       },
       "original": {
@@ -316,11 +316,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1740411467,
-        "narHash": "sha256-F8AdUiQQMJWJ1YjjoW6MWX9/cXdGdbzWTPn8r+zEtIY=",
+        "lastModified": 1740985620,
+        "narHash": "sha256-2GGjPDzBqquSEyM8XUv/W9nN4Os0/D5LF014znQbGOw=",
         "owner": "uku3lig",
         "repo": "ukubot-rs",
-        "rev": "a4dffe792960459bc669158ba1b8a23b46c237d5",
+        "rev": "9791a0e3d1245ad611e8a02d9ad57dfadca62be9",
         "type": "github"
       },
       "original": {
diff --git a/secrets/etna/reposiliteDbPass.age b/secrets/etna/reposiliteDbPass.age
new file mode 100644
index 0000000..3445fb2
--- /dev/null
+++ b/secrets/etna/reposiliteDbPass.age
@@ -0,0 +1,13 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUenluTmJ0VkdTYUZUT2s5
+bjAvQjhWQUFDTWZDL0c1NWNqZERxSVlhSGxJCmR4ZXdiVDQ4MVdTNThXWXN0QTd5
+UFl5RTMyc21oQmZ5cUkxVXhxT056QzAKLT4gWDI1NTE5IDI4M3VBeTFLaHZLcTZ1
+VWtDOUdCY1ZwUk5XR3czUFZZYnpYcmRiSUhBd1EKUWkxY1hPU0VRRCs3ZG9mWkE4
+UnAzMzNTZkJKaDRSQmNEMXdTQjNGY1NLSQotPiBYMjU1MTkgVmhOUHZyRE5EczdF
+bVRtbE0wVERVeGVGNGRaU1dSUkh5aVJVRVlTY01YSQpoL2s2eEpPR1lUM0FpaDRo
+OUtiSUNtcEtVOXE5QVNsc1BndkUwbUJjWE1FCi0+IFgyNTUxOSBHeFJDMXo2Y2g5
+VWtaMnJpb3Y4YmRxTVFVdm0xNU5VTjlDWlRXcndpU1hzClBtcWZZbllCbW9EUU1v
+N09aTnFPeTIzR0J0aXE3YWFZakZ6Y2NUQjVoNWcKLS0tIEQvR2Vzakd6NGFibjlI
+VmVtVTBPU0l4MzBDSGxSbWg0N3kraXl6cnNieWsKOy2KVj5C71fPafzkkWi0mi9C
+VzcpLOocxgfp9/gDxppG870fm9V9i+IVpmxsQeM50rvTrFDF5WrmUNf4hYIUOQ==
+-----END AGE ENCRYPTED FILE-----
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 1a8f944..2b398e0 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -43,6 +43,7 @@ in
   "etna/upsdUserPass.age".publicKeys = main ++ [ etna ];
   "etna/cobaltTokens.age".publicKeys = main ++ [ etna ];
   "etna/slskdEnv.age".publicKeys = main ++ [ etna ];
+  "etna/reposiliteDbPass.age".publicKeys = main ++ [ etna ];
 
   "vesuvio/gatusEnv.age".publicKeys = main ++ [ vesuvio ];
   "vesuvio/maddyEnv.age".publicKeys = main ++ [ vesuvio ];
diff --git a/systems/etna/reposilite.nix b/systems/etna/reposilite.nix
index 72aa2c9..13dbd75 100644
--- a/systems/etna/reposilite.nix
+++ b/systems/etna/reposilite.nix
@@ -1,12 +1,29 @@
-{ camasca, ... }:
 {
-  imports = [ camasca.nixosModules.reposilite ];
+  config,
+  camasca,
+  _utils,
+  ...
+}:
+let
+  dbPass = _utils.setupSingleSecret config "reposiliteDbPass" {
+    owner = "reposilite";
+    group = "reposilite";
+  };
+in
+{
+  imports = [
+    camasca.nixosModules.reposilite
+    dbPass.generate
+  ];
 
   cfTunnels."maven.uku3lig.net" = "http://localhost:8080";
 
   services.reposilite = {
     enable = true;
-    database.type = "sqlite";
     settings.port = 8080;
+    database = {
+      type = "postgresql";
+      passwordFile = dbPass.path;
+    };
   };
 }