diff --git a/modules/nixos/services/gameserver/restic.nix b/modules/nixos/services/gameserver/restic.nix
index ea5a3ff..60b88ef 100644
--- a/modules/nixos/services/gameserver/restic.nix
+++ b/modules/nixos/services/gameserver/restic.nix
@@ -27,11 +27,6 @@
     paths = [
       "/var/lib/minecraft"
     ];
-    exclude = [
-      ".*"
-      "*.db"
-      "*.db-shm"
-      "*.db-wal"
-    ];
+    exclude = [ ".*" ];
   };
 }
\ No newline at end of file
diff --git a/modules/nixos/services/homeserver/default.nix b/modules/nixos/services/homeserver/default.nix
index 8c58a48..df55c3c 100755
--- a/modules/nixos/services/homeserver/default.nix
+++ b/modules/nixos/services/homeserver/default.nix
@@ -7,12 +7,10 @@
     ./caddy.nix
     ./cloudflared.nix
     ./forgejo.nix
-    ./gameserver-caddy.nix
     ./jellyfin.nix
     ./kanidm.nix
     ./nextcloud.nix
     ./ntfy.nix
-    ./searxng.nix
     ./sops.nix
     ./technitium-dns.nix
     ./uptime-kuma.nix
diff --git a/modules/nixos/services/homeserver/forgejo.nix b/modules/nixos/services/homeserver/forgejo.nix
index 84e82a2..6688183 100644
--- a/modules/nixos/services/homeserver/forgejo.nix
+++ b/modules/nixos/services/homeserver/forgejo.nix
@@ -12,15 +12,13 @@
     };
   };
 
-  users.groups.forgejo.members = [ "caddy" ];
-
   services.caddy.virtualHosts."git.wo2wz.fyi".extraConfig =
   assert config.services.caddy.enable;
   ''
     import default-settings
     import cloudflare-tls
 
-    reverse_proxy unix/${config.services.forgejo.settings.server.HTTP_ADDR}
+    reverse_proxy localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}
   '';
 
   services.forgejo = {
@@ -42,15 +40,11 @@
       };
 
       server = {
-        PROTOCOL = "http+unix";
-        HTTP_ADDR = "/run/forgejo/forgejo.sock";
-        UNIX_SOCKET_PERMISSION = 660;
+        HTTP_ADDR = "127.0.0.1";
+        HTTP_PORT = 8008;
 
         DOMAIN = "git.wo2wz.fyi";
         ROOT_URL = "https://git.wo2wz.fyi/";
-
-        # cant work with cf tunnel unfortunately
-        DISABLE_SSH = true;
       };
       
       database.SQLITE_JOURNAL_MODE = "WAL";
diff --git a/modules/nixos/services/homeserver/gameserver-caddy.nix b/modules/nixos/services/homeserver/gameserver-caddy.nix
deleted file mode 100644
index a2a12cb..0000000
--- a/modules/nixos/services/homeserver/gameserver-caddy.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, ... }:
-
-{
-  services.caddy.virtualHosts."map-countries.wo2wz.fyi".extraConfig =
-  assert config.services.caddy.enable;
-  ''
-    import default-settings
-    import cloudflare-tls
-
-    reverse_proxy gutterman:8123
-  '';
-}
\ No newline at end of file
diff --git a/modules/nixos/services/homeserver/searxng.nix b/modules/nixos/services/homeserver/searxng.nix
deleted file mode 100644
index eadcad1..0000000
--- a/modules/nixos/services/homeserver/searxng.nix
+++ /dev/null
@@ -1,107 +0,0 @@
-{ config, ... }:
-
-{
-  sops.secrets."searxng/secrets.env" = {};
-
-  services.caddy.virtualHosts."searxng.taild5f7e6.ts.net".extraConfig =
-  assert config.services.caddy.enable;
-  ''
-    import default-settings
-
-    bind tailscale/searxng
-
-    reverse_proxy localhost:${toString config.services.searx.settings.server.port}
-  '';
-
-  services.searx = {
-    enable = true;
-    redisCreateLocally = true;
-    settings = {
-      general = {
-        instance_name = "Wo2wz's SearXNG";
-        enable_metrics = false;
-      };
-
-      server = {
-        bind_address = "127.0.0.1";
-        port = 8009;
-        base_url = "https://searxng.taild5f7e6.ts.net";
-        secret_key = "$SEARXNG_SECRET_KEY";
-      };
-
-      ui.default_locale = "en";
-
-      search = {
-        safe_search = 1;
-        default_lang = "en-US";
-        autocomplete = "duckduckgo";
-        favicon_resolver = "duckduckgo";
-      };
-
-      engines = [
-        # brave is broken from what it seems
-        {
-          name = "brave";
-          disabled = true;
-        }
-
-        {
-          name = "bing news";
-          disabled = true;
-        }
-        
-        {
-          name = "deezer";
-          disabled = false;
-        }
-
-        {
-          name = "annas archive";
-          disabled = false;
-        }
-        {
-          name = "piratebay";
-          disabled = true;
-        }
-
-        {
-          name = "nixos wiki";
-          disabled = false;
-        }
-        {
-          name = "codeberg";
-          disabled = false;
-        }
-
-        {
-          name = "docker hub";
-          disabled = true;
-        }
-        {
-          name = "hoogle";
-          disabled = true;
-        }
-        {
-          name = "pypi";
-          disabled = true;
-        }
-
-        {
-          name = "hackernews";
-          disabled = false;
-        }
-      ];
-    };
-    faviconsSettings.favicons = {
-      cfg_schema = 1;
-      cache = {
-        db_url = "/var/cache/searx/faviconcache.db";
-        HOLD_TIME = 5184000;
-        LIMIT_TOTAL_BYTES = 104857600;
-        BLOB_MAX_BYTES = 40960;
-        MAINTENANCE_MODE = "auto";
-        MAINTENANCE_PERIOD = 600;
-      };
-    };
-  };
-}
\ No newline at end of file
diff --git a/secrets/drone.yaml b/secrets/drone.yaml
index cf42338..f73481e 100755
--- a/secrets/drone.yaml
+++ b/secrets/drone.yaml
@@ -13,7 +13,6 @@ grafana:
     secrets.env: ENC[AES256_GCM,data:yv7u5+8l7M4PJ4BzCUlTGX8PeFxxVMtS2Pi4yKnvAeZf+4tcz6NFNRjyPeqTFinqmZ8yq+iYA1tBS5Gy9DTHo8TzmhoaWBPI/ZUXQgl5Y7lnGBOyZ6wHlllsP8zbC+zEWW+gRssaXj6yYBuvQTTzfSqSlmZdB7VwhUegiVxMs722jbys1Rl+NE8TKDc384IbwPRAIi6ZO+UH,iv:M/dgcJ++gMH5/sNQDUQvkiJW2n+fSkPCEDZBcFRXWuE=,tag:SocmiehkaCzl9ZB8dNZPZQ==,type:str]
 kanidm:
     oauth2:
-        forgejo: ENC[AES256_GCM,data:Gi5JH0bFfJwzIe1JHjtWlnOf2Ucp/oEGr2nNngCaU8gRiWtd2QhWBeUQvcCuiKmF1kKNDJyi6F4R896FzXHEbg==,iv:bMQyYDv3cDhCQdSo8CP3qpqGQ2lapn5eZsLcNKZ+NFM=,tag:0J8qimAIfJAEDpW7Nu/1yw==,type:str]
         grafana: ENC[AES256_GCM,data:9aWa5SJ4UNWcQCCRT9rL6XnoUjlkXeifBYe3fL4xRbNC3bc5L6jNtJOF9v0ZZ874pTr/dnv5LzLz/ISLDQWfnw==,iv:+V+JjP2EA02cn7aFif262DjqoCXYRLqXv2jR0pc457c=,tag:CI9daTCxkeOueb3d//hx0A==,type:str]
         jellyfin: ENC[AES256_GCM,data:37edw83rscw19EiFOVUYoq33awKMWw+XXN6KKYYjEdKwtBx7I01RuOha3DkspFM7zJdmZf3E6IL1UT3N/sBB6w==,iv:T9N4h90799xOhFeNxqmKR0nDGn6BXuIGB4DiOIkt6vk=,tag:JZuu+uqRKAbQskKxzOPIEQ==,type:str]
         nextcloud: ENC[AES256_GCM,data:P7ha6OwX6A5PyNO4xy+UTfdQBeKbktJbK5Ggv/fLuW+SDrxTehuwM1F9A5el3j1Dsegk3VsrrTPBZTVU6i5qwA==,iv:YcvNvAZHjdBd9q5Uxdp+Phj5uQRqLoRi33rIzUcv7Ng=,tag:cXM58lfOpHbTbaJRNUm1Kw==,type:str]
@@ -25,8 +24,6 @@ restic:
     rest-auth.env: ENC[AES256_GCM,data:MAJVkdiutkhY8MCLrg1EMumAblektgO85VQLD65McX/VYInYDihxwJOV21+SAJSaN/8vA/MqUEmzsrUb04hgvqPYjXIyyUYpDrE8us47eqjF3SoZJsf70Ukps0lv3+L3LViRSpKJ+2v2v7GenaA/jAk=,iv:5yzIiEpQ1jvl9SDu/MxsAl25PmxmmuPxjRAa+iEGJRU=,tag:9UBXGt0vXj3F0YndwkeQaw==,type:str]
     rest-server:
         .htpasswd: ENC[AES256_GCM,data:605u/QTk6j1s3Wn3Lg2M0BDhy4WbVFIZRYijhLeGmPHC2sZUY0Ngoq8bkr/Jf97Erh+CM4oqiHXA+Jct8Yq0ml6MMFKk0v602yHRxIEn5MOBETygUz889kJnNLGsXDHJeJFCX5J5qmlnj9DZ+93hNEQJAzEP2CvzH/JoHJA/bMrCGl0aZyExrxJi,iv:wuTER92WYPUGm0QNpfoOepZSGcOmq2M16Xa3RVJFYAo=,tag:qgLqtf41735ajBvlEBlJCw==,type:str]
-searxng:
-    secrets.env: ENC[AES256_GCM,data:oOEHk2rHzQ5db8U3JfTyTFgvQsz2G/MWFOedvb3BAYrT7tRVP2x8868nlqjHkeo6GkLevw4ejghUJ/tRVdYEqfxAnTlQtRDhp6r1vxW07Lh3N+a6HQ==,iv:XUysHB/fLwbKEDJFkuhg3Y9D9qERJ/qErJ20AlcVjX4=,tag:NtYx1BcMLphMwgAD/MMCCA==,type:str]
 syncthing:
     cert.pem: ENC[AES256_GCM,data:BHZ+GuWS9MWWyeXmcGna2IaSli63QbMKOeYFoKZhs3nvLLI1fdsvWhkhR+UZ1/dPrKPz8ZcgvqeClCDnGQLR+UBOIV8/nbuLk/jQxcw+KRl4+OziFeDnHdHdk1ZeSrF8ek7ThCX/MIz3t0/UPv+X0kZQEpwtOYrrLqeYLh3syUKdnVm9N96erv3UWKfSot5dch5EEMDLvli48rZtbqDrNCdx1bg8/CLj56OvmVxKtyPrUW/DZ3euG7PuL4Crrxw1ZeafTWHINpGoTZDrpOfanLEO5BtK65WY6J18ggJ467P9SgpeC2MeRnCJu6WaH1nqRSM5KitDYwhMFFlcdGKDUF30pCUf/W63BZ8AokJFozuhwtTbCWJHAk39j/wYoU+S0MfIhb/5gZu2vs+2Qnkle6r0ew8AS3l0BNcNJbbSdWKnGbYo8uUAtUh6GmK4ADYFx2z8h31z7kONzFAeE03nAkhAEoDtUccDNUlwF6WBeQdaIKYk2lVwU0bi5C4L5RM5qanAlKvsWtqQ7re5B0nbn4QcnGFLBJZsLmxSzX73e+9MRxTaPUyVoPmAsELLuOMBL7y3wqBtmNeLPRih+7zfn2AwQGaZ/UgnfX1s2gJtx3+OnCy8GMRbaxTd+8AM2JkZsFpkQjwG+eI1HE28dELHcpeDZ4ZqzGUh4Xlgq15kmaXo3Ww89Ukq/QCMHs6xqQdbw4ra84Oh33Stt7YFtL+xVcJkoAzIVYKeoJDtqIwPf+LXukvAUZyMbaLSmEJTsfNnKkhsGU1clxyZXs6DK0EaP3LCY6iw9tv096PkrI9wFFNNxbIjuERkQK4xdus506s=,iv:rUJIqoZa9pSMUxSqUmUKnlUahKLEW/vzzmNI4V0LniE=,tag:EKExs0ms3LbIh7FJA923aA==,type:str]
     key.pem: ENC[AES256_GCM,data:jhYr/fFLvWOGKb7poh3reEDs6WatAoVgYEWw7Y5jwI06eAUO7yQCPpJefKZ+/0VRi0noX71U9Ul/Nv7VNo5bnZ8Yf0fcVxw8FBo0tMXYwg5AMqnJOIr3B48UZUJ9JiWjKG53rE7iGSbnJ4rzvVxB1Opu/wcEDzY=,iv:90R7tjucK/ogTicwAYL5VZ7YF0gCU7KberPQNtAwkBU=,tag:ECCuskrOefltx11+lk2NBA==,type:str]
@@ -43,7 +40,7 @@ sops:
             N0U5bkt4aXJOS3N0Z2N4YTg4TDVUVncKCQLUTMmdM/IPzV3NDRhPdta1tvXxy/6P
             RYbLzlUryw+tqfTp8nDrdxyOWScLNzPOswAq0Qf7VMcEQ5bJEkAOhQ==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2026-01-23T19:01:32Z"
-    mac: ENC[AES256_GCM,data:zJalz3o5HGhlSrmBBMQ0nRBnry/rJPymQlszJYXDPi7fK7utZpMkYRH7DxrT4U5xM7q36mFiFm4O/m8BFXdoKsOzCxpCsvHHhfVvOFuR1Knoza33xeej/gEvqQmImBO6oauFBi3ZJ8ABbV8JbzkE33tu0qaE4xgQ9kC2q/6utck=,iv:oP1BGicUARP+HGhmhLbgssx1xLiPoBdNdNXk7gFLqdY=,tag:LhJbW5SmxFQzYYLjIWeH0Q==,type:str]
+    lastmodified: "2026-01-15T22:36:28Z"
+    mac: ENC[AES256_GCM,data:aKyHq9f7NtLPklPRFwY2un40K+0Ar86oMPVZrzoPHhihX3WwyIhZvru8d84+eU6m6z0rS94yUcmVe7i8wcX+oDXvMFbX5nh2RNp3C14oBIP0PHNyA1V3z1dCy4wsc9lcM6x1ah0zEuqIIMTOxLVue4x8XBTneeqK47F6HRoNiWw=,iv:pSGLJxuinPCi1FnfXGsLZwlFoJa6GeOX7/e28e9vFOA=,tag:Imb3gEYz88Hu7SYbdz0lYg==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.11.0