diff --git a/nixos/boxes/vpsfree1/woodpecker.nix b/nixos/boxes/vpsfree1/woodpecker.nix
index 351f6270..058703d5 100644
--- a/nixos/boxes/vpsfree1/woodpecker.nix
+++ b/nixos/boxes/vpsfree1/woodpecker.nix
@@ -4,11 +4,22 @@ let
   agentPort = 9000;
   domain = "ci.cyplo.dev";
   path = "/var/lib/woodpecker";
+  serverContainerName = "woodpecker-server";
+  agent = {
+    dependsOn = [ "${serverContainerName}" ];
+    volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock" ];
+    image =
+      "woodpeckerci/woodpecker-agent@sha256:9a98e25ca6fcf7c437ad355cfce53a696c55b9864399a4d456429a20bfb44545";
+    environmentFiles = [ "${config.sops.secrets.gitea-env.path}" ];
+    environment = {
+      WOODPECKER_SERVER = "woodpecker-server:${toString agentPort}";
+      WOODPECKER_MAX_PROCS = "2";
+    };
+  };
+
 in {
   imports = [ ../nginx.nix ];
 
-  systemd.services.systemd-sysctl.enable = lib.mkForce true;
-
   services.nginx = {
     virtualHosts = {
       "${domain}" = {
@@ -27,13 +38,14 @@ in {
   };
 
   virtualisation.podman.defaultNetwork.dnsname.enable = true;
-  virtualisation.oci-containers.containers.woodpecker-server = {
+  virtualisation.oci-containers.containers."${serverContainerName}" = {
     image =
-      "woodpeckerci/woodpecker-server@sha256:e6027e46a782d50790183b7274a2a2ad3a6c6fb9a645e6af81a16419613c28ea";
+      "woodpeckerci/woodpecker-server@sha256:37460d99638e05b75b3e6f9ea915f6922316c134d3caf8453f7c2716e9fb830c";
     volumes = [ "woodpecker-server-data:${path}" ];
     environmentFiles = [ "${config.sops.secrets.gitea-env.path}" ];
     environment = {
-      WOODPECKER_OPEN = "true";
+      WOODPECKER_OPEN = "false";
+      WOODPECKER_ADMIN = "cyplo";
       WOODPECKER_HOST = "https://${domain}";
       WOODPECKER_GITEA = "true";
       WOODPECKER_GITEA_URL = "https://git.cyplo.dev";
@@ -41,14 +53,6 @@ in {
     ports = [ "${toString httpPort}:${toString httpPort}" ];
   };
 
-  virtualisation.oci-containers.containers.woodpecker-agent = {
-    dependsOn = [ "woodpecker-server" ];
-    volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock" ];
-    image =
-      "woodpeckerci/woodpecker-agent@sha256:9a98e25ca6fcf7c437ad355cfce53a696c55b9864399a4d456429a20bfb44545";
-    environmentFiles = [ "${config.sops.secrets.gitea-env.path}" ];
-    environment = {
-      WOODPECKER_SERVER = "woodpecker-server:${toString agentPort}";
-    };
-  };
+  virtualisation.oci-containers.containers.woodpecker-agent1 = agent;
+  virtualisation.oci-containers.containers.woodpecker-agent2 = agent;
 }