diff --git a/machine/backyard/default.nix b/machine/backyard/default.nix
index 45f0104..024570d 100644
--- a/machine/backyard/default.nix
+++ b/machine/backyard/default.nix
@@ -21,9 +21,29 @@
 allowedTCPPorts = [
 80 # http
 443 # https
+ 8080 # nginx bind backyard.lan
 ];
 };
 
+ networking.extraHosts = ''
+ 10.22.20.1 empyrean.vpn
+ 10.22.20.2 catacomb.vpn
+ 10.22.20.8 backyard.vpn
+ 10.22.20.8 git.backyard.vpn
+ '';
+
+ services.nginx.enable = true;
+ services.nginx.virtualHosts = {
+ "git.backyard.vpn" = {
+ #listen = [ { addr = "git.backyard.vpn"; port = 80; } ];
+ locations."/".return = "200 \"this is the git, yes\"";
+ };
+ "default" = {
+ default = true;
+ locations."/".return = "444";
+ };
+ };
+
 # This value governs how some stateful data, like databases, are handled
 # across different versions of NixOS. This should not be changed to a new
 # release unless the sysadmin has determined that no services would be
diff --git a/machine/backyard/gitea.nix b/machine/backyard/gitea.nix
new file mode 100644
index 0000000..ea4f31f
--- /dev/null
+++ b/machine/backyard/gitea.nix
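Review bot: In machine/backyard/default.nix the `default` vhost returning 444 does not by itself keep `git.backyard.vpn` reachable only over the VPN, because the Host header is chosen by the client and `allowedTCPPorts` opens 80/443 on every interface. Binding the vhost to the VPN address enforces this at the socket, e.g. replacing the commented-out line with `listen = [ { addr = "10.22.20.8"; port = 80; } ];`, or moving the ports under `networking.firewall.interfaces.<vpn-interface>.allowedTCPPorts`. Port 8080 is opened here although no vhost in this diff listens on it; I would leave it closed until something binds there. Also, the placeholder `locations."/".return` merges with the `proxy_pass` that gitea.nix adds for the same location, and nginx evaluates `return` first, so if both modules are imported the proxy is never reached.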
@@ -0,0 +1,70 @@
+# Configuration for Gitea instance
+
+{ config, pkgs, ... }:
+
+{
+ # Gitea configuration
+ services.gitea = {
+ enable = true;
+
+ #useWizard = true; # Needed for first-time building
+
+ # Settings
+ appName = "Horse Codes";
+ lfs.enable = true;
+ #dump = {
+ # enable = true;
+ # interval = "weekly";
+ #};
+ settings = {
+ "server" = {
+ # Configuration for reverse proxy
+ ROOT_URL = "http://git.backyard.vpn/";
+ HTTP_ADDR = "127.0.0.1";
+ HTTP_PORT = 3300;
+ DOMAIN = "git.backyard.vpn";
+ };
+ "repository" = {
+ DEFAULT_PRIVATE = true;
+ };
+ "ui" = {
+ DEFAULT_THEME = "arc-green";
+ SHOW_USER_EMAIL = false;
+ };
+ "ui.meta" = {
+ AUTHOR = "Horse Codes";
+ DESCRIPTION = "Alogoulogoi Gitea staging";
+ KEYWORDS = "";
+ };
+ "security" = {
+ INSTALL_LOCK = true;
+ };
+ "session" = {
+ SESSION_LIFE_TIME = 86400 * 7; # 1 week
+ };
+ "picture" = {
+ DISABLE_GRAVATAR = true;
+ };
+ "cron.archive_cleanup".ENABLED = false;
+ "cron.sync_external_users".ENABLED = false;
+ log.LEVEL = "Info";
+ # Private server
+ service.DISABLE_REGISTRATION = true;
+ # Disable package manager functionality
+ packages.ENABLED = false;
+ };
+ };
+
+ users.users.gitea.openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCYr3Y4waQA4Qb9Vv29APxqkAE6E8KSoTcK1L+NSKOEAb3IxlqitMMnDFfWENXuQlEkkxkqszGA3oe2uchN89UckBFIkm8oEBNE2ZQ0SnuVv+ETHRYMmGvhfOnsnEzpD/j6qSk/0/ea2eJpzfUazMVNTDP7aX6pI0F0n6lXFty0vVan/gN6lM41aNatlQPGxY2XDJQ/e2IJJeOubb2YwH/Vj7/t25yuKiQ5AmaX9fVheM4xA1xfNTs42UfoHzU7Pk3gT6D6L1DGHjsbO0FD4lKPe030XYcPVvpqSiEKGTAYvcWnPH/RDXuz6cEQpN3kMajEtvKUcu0FM/3NPJhvUuxEX0wJnvPPRuY30tcD2WuYemQjm5OCGewdIr1a7mMJ/5zEAzRq4AttEdw7PtTjoj8O+0S6pFrFnv6Dp5TOrg9jyRLICEv7SPb76OhPWWr2uf3TllfXJcQMdsEd3gnTxaUUgJRmD3hfAQO5fOR0MFuVw+bVgleeYctBCW5UjbWZqE1lzEU8xwVYKB05HnWI5tgeh/pkdjg9AfdWnuVU7EljJ8nFEevNTJEe3kjZ67l+wL/dLiyyQuMIq1oBpcOCq+ew0jWZMfPq3o5r13qsdPkUuqdwWOXhCQtqOHHYXVgFEvEGLWacdgHSIFlP7IdfW1M4k1yFPBUlJUU9Bo+VGSZxSw== tvb@catacomb"
+ ];
+
+ # Configure nginx to forward to the server at the git subdomain
+ services.nginx.virtualHosts."git.backyard.vpn" = {
+ locations."/".extraConfig = ''
+ proxy_buffering off;
+ proxy_pass http://localhost:3300/;
+ '';
+ };
+}
+
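Review bot: The `users.users.gitea.openssh.authorizedKeys.keys` block in gitea.nix installs the tvb@catacomb key on the gitea system account itself, without the forced command Gitea attaches to the keys it manages. If that account has a login shell (worth checking against the NixOS module's user definition), the key holder gets a shell as the service user, with every repository and the instance's secrets in reach, rather than access as one Gitea identity. I would drop this block and register the key through the user's Gitea account settings instead. Separately, `ROOT_URL` is plain `http://` and `proxy_pass` sits in `extraConfig`, so logins and the one-week session cookie depend entirely on the VPN for confidentiality, and Gitea will log every request as coming from 127.0.0.1. Using `locations."/".proxyPass` together with `services.nginx.recommendedProxySettings = true;` would forward the Host header and client address so failed-login entries stay attributable.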