diff --git a/agenix/hosts/tanker/atticd/environment.age b/agenix/hosts/tanker/atticd/environment.age index 07e63b6..ad6715b 100644 --- a/agenix/hosts/tanker/atticd/environment.age +++ b/agenix/hosts/tanker/atticd/environment.age @@ -1,11 +1,11 @@ age-encryption.org/v1 --> ssh-ed25519 MtGp6g Rio2L6qhE3HLAxtdsf5aDXWbDowXsR74H36HkBRY1Qs -H36+ug7qZlnWks0j4rxhb7smuaE+fvJzrYYfYKz9VDs --> ssh-ed25519 iO8/4g qHBdGD/HGzbFqvXL/KuPwLUg30CV/26KSOREF6qHpB0 -N35CMIkrxCPA/l4G0CqaMD7hjnvUgXLVI9vwvdvBCkE --> (-grease @V D*c -/zy4Ks2tvL+zUP+eL+2XXiqxm9wfCbv8iExB5sq6AHnvjPecoh2+ ---- /5TCNr2PFppr/TtIPsSxkzyLtEzku996EiJ2AiULda0 -%/f&Q2nL`c:mӾ~eI u9S  rt4S@!M84'<,?f-H-7f(T7} Uv& LI )҈ssCmޫ[X5罘Ep ZB(A:_\E2hҗJ4HBWK\hت09e;Τ*PR+[50KEu`{4451&[@4TL|%4] -zcD8:I:b.=Z0:OK%>sS=-(Wˀ/`k- Uun>>,ztsP}EU]z -=6_: \ No newline at end of file +-> ssh-ed25519 MtGp6g 7OUpuVWfw1jz9JtaC6K/KrJVdcLb1PKigAUIGfzgVwM +mCIPD1YzWoHt7sIKNTwkrLixKGW0lZ86ZBp3z3wfJ6s +-> ssh-ed25519 iO8/4g GRcZfvDBi67ZeSpbLBBTynRTMKCNMk4VSqtsMXI7p2o +XEcy4Rp9DcsGIWFvpT4zVh3hXfsjN5R75s+VM95jT/0 +-> _7@:r|-grease RR05Nt% bPge< Ca_MC#i2 .ID>6 +dI8VCaNse7zMMLAb/wg4SPWBv7D6RuWt8QUo8GBBOR0749Tq/5Izb6+ZiM4RNabF +UtI +--- pXngiLlW+QG3Htiu7vqnBnTOV5PzBOhEBI+iAcDCFKc +%cnG03W 9yPnh!. +YN"Q%Ȏ]& >Ld!b*z*hU<WAqYսf(m55RnCgW-JՊnb];ĠGI|*^8#cDI!B*5O+.lMD9z]5x*nQDv- , 3J d[lxbc"2D'pgNz4Υ \ No newline at end of file diff --git a/agenix/hosts/tanker/atuin/environment.age b/agenix/hosts/tanker/atuin/environment.age deleted file mode 100644 index a1327e7..0000000 Binary files a/agenix/hosts/tanker/atuin/environment.age and /dev/null differ diff --git a/agenix/hosts/tanker/config.nix b/agenix/hosts/tanker/config.nix index 83994dd..96cd51c 100644 --- a/agenix/hosts/tanker/config.nix +++ b/agenix/hosts/tanker/config.nix @@ -18,10 +18,6 @@ file = ./msmtp/password.age; }; - atuin-environment = { - file = ./atuin/environment.age; - }; - atticd-environment = { file = ./atticd/environment.age; }; 
diff --git a/agenix/hosts/tanker/synapse/extraConfig.age b/agenix/hosts/tanker/synapse/extraConfig.age index cf0f079..77a8825 100644 Binary files a/agenix/hosts/tanker/synapse/extraConfig.age and b/agenix/hosts/tanker/synapse/extraConfig.age differ diff --git a/flake.lock b/flake.lock index 8746f92..3b4bb6f 100644 --- a/flake.lock +++ b/flake.lock @@ -11,11 +11,11 @@ ] }, "locked": { - "lastModified": 1689334118, - "narHash": "sha256-djk5AZv1yU84xlKFaVHqFWvH73U7kIRstXwUAnDJPsk=", + "lastModified": 1690228878, + "narHash": "sha256-9Xe7JV0krp4RJC9W9W9WutZVlw6BlHTFMiUP/k48LQY=", "owner": "ryantm", "repo": "agenix", - "rev": "0d8c5325fc81daf00532e3e26c6752f7bcde1143", + "rev": "d8c973fd228949736dedf61b7f8cc1ece3236792", "type": "github" }, "original": { @@ -366,11 +366,11 @@ ] }, "locked": { - "lastModified": 1690190169, - "narHash": "sha256-E6Xj2hBFlcJIonBvi7VBSKUhYIhRHa/C05OC9I24N3M=", + "lastModified": 1690208251, + "narHash": "sha256-eb/KANeuQADVl5j4wVid4jyPCOMTorSI2+gqoXp3LME=", "owner": "nix-community", "repo": "home-manager", - "rev": "ab70a02363e28738f8c6e2793e4d6b7105a0494d", + "rev": "d309a62ee81faec56dd31a263a0184b0e3227e36", "type": "github" }, "original": { @@ -449,11 +449,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1689320556, - "narHash": "sha256-vODUkZLWFVCvo1KPK3dC2CbXjxa9antEn5ozwlcTr48=", + "lastModified": 1690200740, + "narHash": "sha256-aRkEXGmCbAGcvDcdh/HB3YN+EvoPoxmJMOaqRZmf6vM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "d4ea64f2063820120c05f6ba93ee02e6d4671d6b", + "rev": "ba9650b14e83b365fb9e731f7d7c803f22d2aecf", "type": "github" }, "original": { diff --git a/home/programs/nvim/plugins.nix b/home/programs/nvim/plugins.nix index 8810ade..7fc0bcc 100644 --- a/home/programs/nvim/plugins.nix +++ b/home/programs/nvim/plugins.nix 
@@ -118,12 +118,12 @@ in }; nvim-treesitter = buildVimPluginFrom2Nix { pname = "nvim-treesitter"; - version = "2023-07-22"; + version = "2023-07-24"; src = fetchFromGitHub { owner = "nvim-treesitter"; repo = "nvim-treesitter"; - rev = "7b04e8b67eec7d92daadf9f0717dd272ddfc81a3"; - sha256 = "0wlgk11y86pnb5jc6rsswyyvarfpbp5i7s4lqb7i2jz6m96min3n"; + rev = "7c1e944311a0d4eb2c8a346661ee4ed207aca514"; + sha256 = "01aw60dzgj72yk5npwwfgq7l8193kr67yypkyrc6938gdw4p3mqk"; fetchSubmodules = false; }; }; @@ -484,12 +484,12 @@ in }; nvim-treesitter-textobjects = buildVimPluginFrom2Nix { pname = "nvim-treesitter-textobjects"; - version = "2023-07-23"; + version = "2023-07-24"; src = fetchFromGitHub { owner = "nvim-treesitter"; repo = "nvim-treesitter-textobjects"; - rev = "ef32a5c24b767d165ed63fd2b24ac8dc52742521"; - sha256 = "1jrg79hliagz408200vl4926a61c462lz5rv59xjfp70x5pbdjjd"; + rev = "9c1962eb9a36560787876e89a73acd071081cc08"; + sha256 = "0gqjghxy7mx555kfj7d1xas5j3wh9d1s2zfi7ydrs3w2ylbfz1sy"; fetchSubmodules = false; }; }; @@ -506,12 +506,12 @@ in }; heirline-nvim = buildVimPluginFrom2Nix { pname = "heirline.nvim"; - version = "2023-07-05"; + version = "2023-07-24"; src = fetchFromGitHub { owner = "rebelot"; repo = "heirline.nvim"; - rev = "76136ccd93ed608e8109762f032cf1118981ebbd"; - sha256 = "09mqjrbzhfbfs6n1hg4dv5kfr1xbwbq5qhd8b52550bs6a43r9bg"; + rev = "1840fe27dbb38efa13c8af4614acafe6efa41988"; + sha256 = "1h4h4hkz9vkdh2hza1qp0xmiv1rkxzzq7aa4zrp82460z1ic3z1h"; fetchSubmodules = false; }; }; diff --git a/secret/hosts/tanker.nix b/secret/hosts/tanker.nix index 709bb7e..95f46f9 100644 Binary files a/secret/hosts/tanker.nix and b/secret/hosts/tanker.nix differ diff --git a/secrets.nix b/secrets.nix index d34b234..0735791 100644 --- a/secrets.nix +++ b/secrets.nix 
@@ -21,8 +21,6 @@ in "agenix/hosts/tanker/msmtp/password.age".publicKeys = tanker; - "agenix/hosts/tanker/atuin/environment.age".publicKeys = tanker; - "agenix/hosts/tanker/atticd/environment.age".publicKeys = tanker; "agenix/hosts/tanker/fedifetcher/config.age".publicKeys = tanker; diff --git a/system/nixos/atticd.nix b/system/nixos/atticd.nix index b909100..8197526 100644 --- a/system/nixos/atticd.nix +++ b/system/nixos/atticd.nix @@ -13,7 +13,7 @@ in settings = { listen = "127.0.0.1:8080"; - database.url = secret.atticd.database-url; + database.url = "postgresql:///attic?host=/run/postgresql"; allowed-hosts = [ "${fqdn}" ]; api-endpoint = "https://${fqdn}/"; @@ -39,6 +39,19 @@ in }; }; + services.postgresql = { + ensureDatabases = [ "attic" ]; + + ensureUsers = [ + { + name = "atticd"; + ensurePermissions = { + "DATABASE attic" = "ALL PRIVILEGES"; + }; + } + ]; + }; + services.nginx.virtualHosts."${fqdn}" = { quic = true; http3 = true; diff --git a/system/nixos/atuin-sync.nix b/system/nixos/atuin-sync.nix index f0d57cd..1793305 100644 --- a/system/nixos/atuin-sync.nix +++ b/system/nixos/atuin-sync.nix @@ -1,21 +1,11 @@ -{ pkgs, config, ... }: - { - systemd.services.atuin-sync = { - description = "atuin sync server"; + services.atuin = { + enable = true; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "network-online.target" ]; - wants = [ "network.target" "network-online.target" ]; - - serviceConfig = { - ExecStart = "${pkgs.atuin}/bin/atuin server start"; - EnvironmentFile = [ config.age.secrets.atuin-environment.path ]; - Restart = "on-failure"; - DynamicUser = true; - RuntimeDirectory = "atuin"; - RuntimeDirectoryMode = "0700"; - }; + host = "127.0.0.1"; + port = 8015; + openRegistration = false; + openFirewall = false; }; services.nginx.virtualHosts."atuin-sync.kempkens.io" = { diff --git a/system/nixos/postgresql.nix b/system/nixos/postgresql.nix index b5c661b..d523805 100644 --- a/system/nixos/postgresql.nix 
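Review bot: In system/nixos/atticd.nix the new `ensureUsers` entry creates a role named `atticd`, but nothing retires the `attic` role that the block removed from system/nixos/postgresql.nix used to declare; dropping an entry from `ensureUsers` does not delete the role. If that role carried the password from the old `secret.atticd.database-url` (not visible here), it stays usable through the `host all all … md5` rules that remain in postgresql.nix. It presumably also still owns the existing tables, which the database-level `ALL PRIVILEGES` grant does not hand over to `atticd`. I would record the one-off migration in a comment next to `ensureUsers`, for example `# after deploy: REASSIGN OWNED BY attic TO atticd; DROP OWNED BY attic; DROP ROLE attic;`. The same check applies to the roles behind the atuin and synapse changes in this commit, whose previous database credentials appear to be no longer referenced.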
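Review bot: The new `services.atuin` block in system/nixos/atuin-sync.nix leaves the database settings at the module's defaults, so the file no longer shows which database the sync server uses or how it authenticates, where the old unit made the dependency on `atuin-environment` explicit. I would state the choice, e.g. `database.createLocally = true;` (assuming the pinned nixpkgs module provides that option), with a comment that history stored under the previous connection string has to be migrated. `port = 8015;` also has to match the proxy target in the nginx virtual host, whose body continues outside the hunk.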
+++ b/system/nixos/postgresql.nix @@ -13,19 +13,6 @@ wal_recycle = "off"; }; - ensureDatabases = [ - "attic" - ]; - - ensureUsers = [ - { - name = "attic"; - ensurePermissions = { - "DATABASE attic" = "ALL PRIVILEGES"; - }; - } - ]; - authentication = '' host all all 100.113.242.85/32 md5 host all all 10.88.0.0/16 md5 diff --git a/system/nixos/synapse.nix b/system/nixos/synapse.nix index 9f31237..2952a85 100644 --- a/system/nixos/synapse.nix +++ b/system/nixos/synapse.nix @@ -32,7 +32,11 @@ in database = { name = "psycopg2"; args = { - host = "127.0.0.1"; + host = "/run/postgresql"; + user = "matrix-synapse"; + database = "synapse"; + cp_min = 5; + cp_max = 10; }; }; @@ -103,7 +107,7 @@ in }; }; - systemd.services.matrix-synapse.after = [ "podman-wait-for-host-interface.service" ]; + systemd.services.matrix-synapse.after = [ "postgresql.service" "podman-wait-for-host-interface.service" ]; networking.firewall.interfaces."podman+".allowedTCPPorts = [ 8008 ];
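Review bot: In system/nixos/synapse.nix the `"postgresql.service"` entry added to `systemd.services.matrix-synapse.after` only orders startup; it neither starts PostgreSQL with Synapse nor stops Synapse when the database unit goes away. Since `host = "/run/postgresql"` makes the local socket a hard dependency, I would add `systemd.services.matrix-synapse.requires = [ "postgresql.service" ];` next to it, unless the matrix-synapse module already sets that for socket paths, which is not visible here. If the socket connection relies on peer authentication (the `local` rules are outside the hunks shown), the `matrix-synapse` role no longer needs a password, and a comment noting that it was cleared with `ALTER ROLE "matrix-synapse" PASSWORD NULL;` would keep the `host all all … md5` rules from accepting the old one.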