diff --git a/flake.nix b/flake.nix
index d2c8360..c2bacd3 100644
--- a/flake.nix
+++ b/flake.nix
@@ -93,14 +93,14 @@
 ./hosts/matrix
 ];
 };
- nixosConfigurations."hedgedoc" = nixpkgs.lib.nixosSystem {
+ nixosConfigurations."md" = nixpkgs.lib.nixosSystem {
 #system = "x86_64-linux";
 #pkgs = import nixpkgs { inherit system; };
 inherit system;
 modules = [
 agenix.nixosModules.default
 { environment.systemPackages = [ (agenix.packages.${system}.default) ]; }
- ./hosts/hedgedoc
+ ./hosts/md
 ];
 };
 nixosConfigurations."sql" = nixpkgs.lib.nixosSystem {
diff --git a/hosts/hedgedoc/default.nix b/hosts/hedgedoc/default.nix
deleted file mode 100644
index 92428bd..0000000
--- a/hosts/hedgedoc/default.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{ ... }:
-
-{
- imports = [
- ../common.nix
- ../../services/openssh.nix
- ../../services/hedgedoc.nix
- ];
-
- networking = {
- hostName = "hedgedoc";
- firewall = {
- allowedTCPPorts = [
- 80 # HTTP/1
- 443 # HTTP/2
- ];
- allowedUDPPorts = [
- 443 # HTTP/3
- ];
- };
- };
-
- services = {
- openssh.banner = ''
- __ __ __
- /\ \ /\ \ /\ \
- \ \ \___ __ \_\ \ __ __ \_\ \ ___ ___
- \ \ _ `\ /'__`\ /'_` \ /'_ `\ /'__`\ /'_` \ / __`\ /'___\
- \ \ \ \ \/\ __//\ \L\ \/\ \L\ \/\ __//\ \L\ \/\ \L\ \/\ \__/
- \ \_\ \_\ \____\ \___,_\ \____ \ \____\ \___,_\ \____/\ \____\
- \/_/\/_/\/____/\/__,_ /\/___L\ \/____/\/__,_ /\/___/ \/____/
- /\____/
- \_/__/
- '';
- };
-
- system.stateVersion = "25.11";
-}
diff --git a/hosts/md/default.nix b/hosts/md/default.nix
new file mode 100644
index 0000000..9c7bc32
--- /dev/null
+++ b/hosts/md/default.nix
@@ -0,0 +1,36 @@ +{ ... }: + +{ + imports = [ + ../common.nix + ../../services/openssh.nix + ../../services/hedgedoc.nix + ]; + + networking = { + hostName = "md"; + firewall = { + allowedTCPPorts = [ + 80 # HTTP/1 + 443 # HTTP/2 + ]; + allowedUDPPorts = [ + 443 # HTTP/3 + ]; + }; + }; + + services = { + openssh.banner = '' + __ + /\ \ + ___ ___ \_\ \ + /' __` __`\ /'_` \ + /\ \/\ \/\ \/\ \L\ \ + \ \_\ \_\ \_\ \___,_\ + \/_/\/_/\/_/\/__,_ / + ''; + }; + + system.stateVersion = "25.11"; +} diff --git a/secrets/postgres-hedgedoc.age b/secrets/postgres-hedgedoc.age new file mode 100644 index 0000000..4a37aea --- /dev/null +++ b/secrets/postgres-hedgedoc.age @@ -0,0 +1,19 @@ +age-encryption.org/v1 +-> ssh-ed25519 uH+n1w GLixFnca76xHm803JN+KAIfwV20OBqEDT3FeLeSB2l8 +jPB5PyXf/YYeOGDa2TzgiE16n69i5L9hQarnkWo6mmQ +-> ssh-ed25519 EvLbWw EHxXWWxMVJb351HyeCg9ZwhuHa2EsXW9ikj1LEkeyh8 +rN9f1ia2ns2vC8Vc0QKcf3JORhe8OKoHwy/2ayLW6Ak +-> ssh-ed25519 dM+fLQ O2+eaJPzd2+2E5mx/zQE4wRu6HBH6u19p23/HvPXrA8 +RVLocbh9fM2YvyuAAHZZMlB16xj8nlfUd4XsvBwvZhs +-> ssh-ed25519 jxWM2Q oCQINVqZDm5f7QaJw9iP40FaMjoaXOkM1Ij7N7ntzHs +U8zqYADl+KcvcvF7jmaiuUBl2J2HiMGHvlHgmsf6Ew4 +-> ssh-ed25519 /yCUCg Tof5WTA5hxHqGrMgXTIV2hkyw5i+/vxTPrphaZB/JzA +5JDdTlnMTkwb0wccvlrE4OENcGaLKELgrxfbSkeqbkw +-> ssh-ed25519 FGp51g BobAb/lSMY8cTVLcdCCGLOS0iWypf/lM2AMLrcPmdCc +WU8+jDAr1mYBxN9rZvuqQU+lnj8lpvTbsb9ZF9a9/d8 +-> ssh-ed25519 I2FcBQ TLJ9nqhcOEfPOOTciWo/ulKuh7GtqZSDDXI4n1JZwRI +ldBwhmJv6Pw4Fmb3C/qz/JsWDbDICaIwyMoTvkMRt0I +-> ssh-ed25519 fEJY/A Ah/JhYfb+AhxVvr/Tuph4f8jPzlD0iIkHM2izcUfNn8 +I9p4tl2irCop5p14Cu2mn6QyQRJzKMjSk1bvTSf6SZ4 +--- Xy4DryiHOclGL1xaVyK3N3dVLBxr0gYwwTQPZlDNet4 +3p?h6{rɞ{Ew(uŒk{]|NcYIE%USRTݰJat|.\fUږyxE \ No newline at end of file diff --git a/secrets/postgres-matrix-synapse.age b/secrets/postgres-matrix-synapse.age new file mode 100644 index 0000000..b83955b --- /dev/null +++ b/secrets/postgres-matrix-synapse.age 
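Review bot: The port comments under `networking.firewall` in hosts/md/default.nix label ports by HTTP version, which misstates what is exposed: TCP 80 is cleartext HTTP, and TCP 443 is TLS carrying both HTTP/1.1 and HTTP/2. I would write `80 # HTTP (cleartext; redirect/ACME only)`, `443 # HTTPS (HTTP/1.1 and HTTP/2 over TLS)` and `443 # HTTP/3 (QUIC)`, assuming the web server configured in `services/hedgedoc.nix` (not visible here) only redirects on port 80. SSH is presumably reachable as well although 22 is not listed, because NixOS's `services.openssh.openFirewall` defaults to true unless `services/openssh.nix` overrides it; a one-line comment next to `allowedTCPPorts` saying so would make the host's exposed surface readable from this file.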
@@ -0,0 +1,20 @@ +age-encryption.org/v1 +-> ssh-ed25519 uH+n1w 2c8iSQLommYEwAbcdmos5NUTwxq0Syqzi33LKGheIks +69VeTwPvhySw8zAb7/wi5EjK32U4yUWlXtlhzXPo+5w +-> ssh-ed25519 EvLbWw zxAbVUac7j6ymHcR+veJj91wx6empIcESWry5SJAiSA +kQdfHgTcvwJ6cNOhTQ6n7jyfHwDECqhZKwLHA7EwI2Y +-> ssh-ed25519 dM+fLQ FjU1FmRLYxeWuc3fD1J7UEnQBjH2DkwSFTS0OfRdr0s ++nsheCYHFYSRSzn1rsVVZoywCNF4Nf9WwQQVMLXUTyE +-> ssh-ed25519 jxWM2Q 6s7G67QfhbEPc3dsePIJngE8vHK7uzjV6IqAOIAGX1A +RXz2d3Cmb/4bE+UDwamGmDTw4ITwOQdUJAKznbGV67U +-> ssh-ed25519 /yCUCg K7/3N+yqmtldaQGMwxnHbpCj46e0hQ+mlRbkr85uww8 +7RIUbgdePKWI8nExPbF8b0tWbnf00iVgLiHf5gNfrj4 +-> ssh-ed25519 FGp51g MAxcrUlLbxkEoAx5eb5GR1SB34f5Lo+1Bu4gB+Iuvko +04bv1ugxY1CTKzubwFrffpVGdB7BbWLGP1++NePwAo4 +-> ssh-ed25519 I2FcBQ jVCB1GcCPUdGE4lqhx/tJSo6UBqvXXK/PT6MnaOC/QE +QIYELUgsFNronR2LUQz4vhyCwnUXI1CyzpTZcjGXHs0 +-> ssh-ed25519 yoCmaA IGin0TzhVwNDaofpoRj5NDqkg1iyCx/CRKfjAH7exXE +jX+SCYwU4jsg8zb7hbQh1Oib1IjnKTwgtAr57RKJgck +--- sbAmUYpaAOgxptAoOv9s3V6jhC7uGq98MkV0plKRu8c +I# %OtkxIHOk'hQ"&x h +${9 6|D3\1)Ce=5vMch \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 7ab1d5b..e8853ac 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -15,8 +15,8 @@ let ]; _matrix = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIApAkkhHLj918co/wUGuyW8WCPYHxsNM4uo32XDEu7VV root@matrix"; - _md = ""; - _sql = ""; + _md = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdFkdEEDXo8+k5YZpI1O2GqZlxcpCDtxqVun35duITm root@md"; + _sql = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPcSXjDSyVVVdJbpheOhT0fIuOGFk+jsHhjrAVnBNLQV root@sql"; in { "matrix_admin_password.age".publicKeys = users; @@ -30,3 +30,4 @@ in "postgres-matrix-synapse.age".publicKeys = users ++ [ _sql _matrix ]; "postgres-hedgedoc.age".publicKeys = users ++ [ _sql _md ]; } +
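Review bot: The `_md` and `_sql` host keys added in secrets/secrets.nix carry no note on how they were obtained, and every key in a `publicKeys` list can decrypt that secret, here the PostgreSQL passwords. A comment above them such as `# host keys copied from /etc/ssh/ssh_host_ed25519_key.pub on each machine, not taken from ssh-keyscan` would record that they were verified rather than trusted on first use, if that is in fact how they were collected. Both placeholders were empty strings before this hunk, so any secret listing `_md` or `_sql` that was encrypted earlier needs `agenix --rekey`; the two `.age` files added in this commit each carry eight recipient stanzas, which looks consistent with the new lists, but the rest of the attribute set lies outside the hunk.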