diff --git a/cluster/services/gitlab/default.nix b/cluster/services/gitlab/default.nix
deleted file mode 100644
index fd1c416..0000000
--- a/cluster/services/gitlab/default.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{ depot, ... }:
-
-{
- services.gitlab = {
- nodes.host = [ "VEGAS" ];
- nixos.host = ./host.nix;
- };
-
- dns.records.git.target = [ depot.hours.VEGAS.interfaces.primary.addrPublic ];
-}
diff --git a/cluster/services/gitlab/host.nix b/cluster/services/gitlab/host.nix
deleted file mode 100644
index 85f548c..0000000
--- a/cluster/services/gitlab/host.nix
+++ /dev/null
@@ -1,94 +0,0 @@
-{ cluster, config, lib, depot, ... }:
-
-let
- inherit (depot.lib.meta) domain adminEmail;
-
- patroni = cluster.config.links.patroni-pg-access;
-
- mkSecret = name: {
- owner = "gitlab";
- group = "gitlab";
- mode = "0400";
- file = ../../../secrets/${name}.age;
- };
-
- secrets = lib.mapAttrs (_: v: v.path) config.age.secrets;
-
- cfg = config.services.gitlab;
-in
-
-{
- age.secrets = lib.flip lib.genAttrs mkSecret [
- "gitlab-db-credentials"
- "gitlab-initial-root-password"
- "gitlab-openid-secret"
- "gitlab-secret-db"
- "gitlab-secret-jws"
- "gitlab-secret-otp"
- "gitlab-secret-secret"
- ];
-
- services.gitlab = {
- enable = true;
- https = true;
- host = "git.${domain}";
- port = 443;
-
- databaseCreateLocally = false;
- databaseHost = patroni.ipv4;
- extraDatabaseConfig = { inherit (patroni) port; };
- databaseUsername = "gitlab";
- databasePasswordFile = secrets.gitlab-db-credentials;
-
- initialRootEmail = adminEmail;
-
- statePath = "/srv/storage/private/gitlab/state";
-
- smtp = {
- enable = true;
- inherit domain;
- };
-
- initialRootPasswordFile = secrets.gitlab-initial-root-password;
-
- secrets = with secrets; {
- dbFile = gitlab-secret-db;
- jwsFile = gitlab-secret-jws;
- otpFile = gitlab-secret-otp;
- secretFile = gitlab-secret-secret;
- };
-
- extraConfig = {
- omniauth = {
- enabled = true;
- auto_sign_in_with_provider = "openid_connect";
- allow_single_sign_on = ["openid_connect"];
- block_auto_created_users = false;
- providers = [
-
- {
- name = "openid_connect";
- label = "Private Void Account";
- args = {
- name = "openid_connect";
- scope = ["openid" "profile"];
- response_type = "code";
- issuer = "https://login.${domain}/auth/realms/master";
- discovery = true;
- client_auth_method = "query";
- uid_field = "preferred_username";
- client_options = {
- identifier = "net.privatevoid.git2";
- secret = { _secret = secrets.gitlab-openid-secret; };
- redirect_uri = "https://${cfg.host}/users/auth/openid_connect/callback";
- };
- };
- }
-
- ];
- };
- };
- };
-
- services.nginx.virtualHosts."${cfg.host}" = depot.lib.nginx.vhosts.proxy "http://unix:/run/gitlab/gitlab-workhorse.socket";
-}
diff --git a/secrets.nix b/secrets.nix
index 3e1c920..a2225f1 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -16,13 +16,6 @@ in with hosts;
 "cluster/services/storage/secrets/garage-rpc-secret.age".publicKeys = max ++ map systemKeys [ grail VEGAS prophet ];
 "cluster/services/storage/secrets/storage-box-credentials.age".publicKeys = max ++ map systemKeys [ grail VEGAS prophet ];
 "secrets/dovecot-ldap-token.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-db-credentials.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-initial-root-password.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-openid-secret.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-secret-db.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-secret-jws.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-secret-otp.age".publicKeys = max ++ map systemKeys [ VEGAS ];
- "secrets/gitlab-secret-secret.age".publicKeys = max ++ map systemKeys [ VEGAS ];
 "secrets/hyprspace-key-checkmate.age".publicKeys = max ++ map systemKeys [ checkmate ];
 "secrets/hyprspace-key-grail.age".publicKeys = max ++ map systemKeys [ grail ];
 "secrets/hyprspace-key-thunderskin.age".publicKeys = max ++ map systemKeys [ thunderskin ];
diff --git a/secrets/gitlab-db-credentials.age b/secrets/gitlab-db-credentials.age
deleted file mode 100644
index 485ac15..0000000
Binary files a/secrets/gitlab-db-credentials.age and /dev/null differ
diff --git a/secrets/gitlab-initial-root-password.age b/secrets/gitlab-initial-root-password.age
deleted file mode 100644
index 1f703ff..0000000
--- a/secrets/gitlab-initial-root-password.age
+++ /dev/null
@@ -1,12 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 NO562A XRrOSniXZk7nvufR3liJ3ocjX257eenhQUYZdlYCpl4
-ctZGdEgc9SgWka/3R/2WW4G9m1DHIk7HLKaBNyUeHtE
--> ssh-ed25519 5/zT0w k3z9vLsjCPABV2kTRMC3xiriW+4BwSdvnk02Xtoi3zk
-w43L1pm8VvwxVp6k8NJA73afZtPGfD8eCb2koa2goZQ
--> ssh-ed25519 d3WGuA Bi1l2WS3kL5Y5NoVh7jAja3BG9LXxem801SSR76j52s
-fKhRIb+Ug3sW4JI2rczNnh3Frx/EEnbQfhTUGdwLSo8
--> AOy-grease dju$ xL|5Hh q(A
-h0bIKBg8yQBMqNR8M9DlA/wZWWFB+sdo4ApLXvTT19Moz3E5Vly8N2XKHrV3ggCE
-Vn2a3snrXDrWxqQgfQEfJo7FnydItRcgO7ZDOuNAlnooyk0
---- 9bMYjHMQsJt4fqnmE2ezRzN4AoKIrlRKAqh8pYRw8SQ
-ܙj>r|>Q7pdh 357{Z9L $DU$0Y٠3BM@oU_dDݶ5jq/j`6ZiA&Qʡ*Օ:R%+ ɡ
\ No newline at end of file
diff --git a/secrets/gitlab-openid-secret.age b/secrets/gitlab-openid-secret.age
deleted file mode 100644
index 3a57392..0000000
--- a/secrets/gitlab-openid-secret.age
+++ /dev/null
@@ -1,11 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 NO562A ZCflrN3Tm5CiGr6ajyHWUBB/tQqvBuZkwTrJDrd/aV0
-ItnkxqiZTCT77SDnG0JgzaQlDL3LZ96V+kzjxjAJx5s
--> ssh-ed25519 5/zT0w WoKnbgmzpR+HuLdXYCOkPfScle7g7U+NGA/YAmyfIhk
-pNfp+gOVyTfnXpVDRXuk16RyjlWjDILrO7Gibh7nRmU
--> ssh-ed25519 d3WGuA L5xjtPNva83jZWsu2bCbcgaDNlou5BFVMsFkR8+L+2Q
-4+UtIsyOgY0NAuHtdg4lBJwMyZWquRsmRNeQ+YXqeA0
--> hD-grease q%QV%; &/
-jl4ZKGU+SBSR0xhJN0yz7sV2uW/+Yhw
---- 1LIvBjAzD1lUotPXuI4cPHSfUsMFbEaGjE/t+KnQcW4
-AWee c[ 3myΈ6 g{7rd_7WP':u N
\ No newline at end of file
diff --git a/secrets/gitlab-secret-db.age b/secrets/gitlab-secret-db.age
deleted file mode 100644
index 347fe7f..0000000
Binary files a/secrets/gitlab-secret-db.age and /dev/null differ
diff --git a/secrets/gitlab-secret-jws.age b/secrets/gitlab-secret-jws.age
deleted file mode 100644
index 7b99d4e..0000000
Binary files a/secrets/gitlab-secret-jws.age and /dev/null differ
diff --git a/secrets/gitlab-secret-otp.age b/secrets/gitlab-secret-otp.age
deleted file mode 100644
index 28e6c7f..0000000
--- a/secrets/gitlab-secret-otp.age
+++ /dev/null
@@ -1,14 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 NO562A su6ATd6CDJ/TD/nAPw1K4ZmELBDdNLZI63DsZl0zCF0
-J+2ZXXZArtjDDLIaQL6HaEdawHo8tonMdzHf45IQMO4
--> ssh-ed25519 5/zT0w wdKMnoA5/huvtT/jyj1Aixf9nKtkzcyPSs1yoUpxoAk
-yGiW4Zg0h4NGkdU0BZiWzC+72CJZK6pJdrSBuZCVGAE
--> ssh-ed25519 d3WGuA p4QVeohmXdTo8v0Wh2pkEoyqMhZhmdrblBpq39ENnVk
-7TybdsMNokMu+2q5ESnvdcNwAeWTl/5XGZltzJ7etjI
--> Q-grease KJL\,Pw& c!aOPX
-C6DVdLd90RXPgjf22U5Y8OsW9O9rkfE3kY0LGQhmmjCSZ7yHde4bhOAVNeNronxE
-xFy8GtD+ZllI4NPUSyl3Y/90//H2fVUb32WA3Ga5WJmksrGXzg
---- yWDk0jbHXLxwE9jWTT85ORZy0Pw20jaRVihmkKfGnKo
-@#
-Q)F:G # gL-k{Td+8܃/-a\O*!^Ry@Z/o~I
-[PO've^,?oM]1WFJęB&y yVv_ %Ǐ'
\ No newline at end of file
diff --git a/secrets/gitlab-secret-secret.age b/secrets/gitlab-secret-secret.age
deleted file mode 100644
index 0b8f89e..0000000
Binary files a/secrets/gitlab-secret-secret.age and /dev/null differ