diff --git a/etc/.gitignore b/etc/.gitignore
index f90d8e8..7b8ba51 100644
--- a/etc/.gitignore
+++ b/etc/.gitignore
@@ -28,8 +28,8 @@
 /exports
 /exports.d/
 /fonts/
+/forgejo.conf
 /gai.conf
-/gitea.conf
 /gprofng.rc
 /group-
 /grub.d/
@@ -69,6 +69,7 @@
 /protocols
 /resolv.conf
 /rpc
+/rsyncd.conf
 /screenrc
 /securetty
 /security/
diff --git a/etc/apache/httpd.conf b/etc/apache/httpd.conf
index 090fd84..21dc88b 100644
--- a/etc/apache/httpd.conf
+++ b/etc/apache/httpd.conf
@@ -305,9 +305,9 @@ DirectoryIndex	disabled
   </Directory>
 </IfModule>
 
-<Directory /data/www/html>
+<Directory /data/var/www/html>
   Options		Includes MultiViews SymLinksIfOwnerMatch
-  AllowOverride		AuthConfig FileInfo Indexes Limit
+  AllowOverride		AuthConfig FileInfo Indexes Limit Options
 
   Require		all granted
 
@@ -336,7 +336,7 @@ DirectoryIndex	disabled
 </Directory>
 
 <IfModule cgid_module>
-  <Directory /data/www/cgi-bin/>
+  <Directory /data/var/www/cgi-bin/>
     Options		ExecCGI Includes MultiViews SymLinksIfOwnerMatch
     AllowOverride	AuthConfig FileInfo Limit
 
diff --git a/etc/apache/sites.d/_default_.conf b/etc/apache/sites.d/_default_.conf
index 39d7508..b161d28 100644
--- a/etc/apache/sites.d/_default_.conf
+++ b/etc/apache/sites.d/_default_.conf
@@ -55,11 +55,11 @@
     RedirectMatch	permanent	^/(?!(\.well-known|httpd-errordocs)/)(.*)	https://afterdark.org.uk/$2
   </IfModule>
   <IfModule !ssl_module>
-    ScriptAlias		/cgi-bin/	/data/www/cgi-bin/
+    ScriptAlias		/cgi-bin/	/data/var/www/cgi-bin/
 
-    DocumentRoot	/data/www/html/
+    DocumentRoot	/data/var/www/html/
 
-    CustomLog		/data/www/logs/httpd-access		VHostCombined   env=!no_log
+    CustomLog		/data/var/www/logs/httpd-access		VHostCombined   env=!no_log
 
     <Proxy *>
       Require		all granted
@@ -67,8 +67,8 @@
     # Do NOT add backslashes to the end of the urls.
     ProxyPass		/git		http://127.0.0.1:9100
     ProxyPassReverse	/git		http://127.0.0.1:9100
-    ProxyPass		/terrastate	http://127.0.0.1:9200
-    ProxyPassReverse	/terrastate	http://127.0.0.1:9200
+    ProxyPass		/ts		http://127.0.0.1:9200
+    ProxyPassReverse	/ts		http://127.0.0.1:9200
 
     <IfModule userdir_module>
       UserDir		/data/home/*/www/html
@@ -90,11 +90,11 @@
     SetEnvIf			REQUEST_URI	^/robots\.txt$		no_log
     SetEnvIf			REQUEST_URI	^/favicon\.ico$		no_log
 
-    ScriptAlias			/cgi-bin/	/data/www/cgi-bin/
+    ScriptAlias			/cgi-bin/	/data/var/www/cgi-bin/
 
-    DocumentRoot		/data/www/html/
+    DocumentRoot		/data/var/www/html/
 
-    CustomLog			/data/www/logs/httpd-access		VHostCombined   env=!no_log
+    CustomLog			/data/var/www/logs/httpd-access		VHostCombined   env=!no_log
 
     <Proxy *>
       Require			all granted
@@ -102,8 +102,8 @@
     # Dot NOT add backslashes to the end of the urls.
     ProxyPass			/git		http://127.0.0.1:9100
     ProxyPassReverse		/git		http://127.0.0.1:9100
-    ProxyPass			/terrastate	http://127.0.0.1:9200
-    ProxyPassReverse		/terrastate	http://127.0.0.1:9200
+    ProxyPass			/ts		http://127.0.0.1:9200
+    ProxyPassReverse		/ts		http://127.0.0.1:9200
 
     <IfModule userdir_module>
       UserDir			/data/home/*/www/html
diff --git a/etc/autofs/auto.storage b/etc/autofs/auto.storage
index 03e2a9d..586149c 100644
--- a/etc/autofs/auto.storage
+++ b/etc/autofs/auto.storage
@@ -1,7 +1,5 @@
 home		-vers=4,hard,acl,rw,fsc		192.168.67.245:/home
 media		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/media
-gitea		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/gitea
-gitroot		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/gitroot
 slackware	-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/slackware
 tmp		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/tmp
-www		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/www
+var		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/var
diff --git a/etc/cron.daily/cronjob-dehdrated b/etc/cron.daily/cronjob-dehdrated
deleted file mode 120000
index cef01bf..0000000
--- a/etc/cron.daily/cronjob-dehdrated
+++ /dev/null
@@ -1 +0,0 @@
-/opt/bin/cronjob-dehdrated
\ No newline at end of file
diff --git a/etc/cron.daily/cronjob-dehydrated b/etc/cron.daily/cronjob-dehydrated
new file mode 120000
index 0000000..5a62d17
--- /dev/null
+++ b/etc/cron.daily/cronjob-dehydrated
@@ -0,0 +1 @@
+/opt/bin/cronjob-dehydrated
\ No newline at end of file
diff --git a/etc/default/terraform-http-backend b/etc/default/terraform-http-backend
new file mode 100644
index 0000000..56825e2
--- /dev/null
+++ b/etc/default/terraform-http-backend
@@ -0,0 +1,7 @@
+# Note: must include / on the end!
+export TF_STORAGE_DIR=/data/var/terraform-http-backend/
+export TF_AUTH_ENABLED=false
+# export TF_USERNAME=admin
+# export TF_PASSWORD=admin
+export TF_PORT=9200
+export TF_IP=127.0.0.1
diff --git a/etc/forgejo.conf.gpg b/etc/forgejo.conf.gpg
new file mode 100644
index 0000000..8393d01
Binary files /dev/null and b/etc/forgejo.conf.gpg differ
diff --git a/etc/gitea.conf.gpg b/etc/gitea.conf.gpg
deleted file mode 100644
index e3508b3..0000000
Binary files a/etc/gitea.conf.gpg and /dev/null differ
diff --git a/etc/group b/etc/group
index 77dc6c3..85ec121 100644
--- a/etc/group
+++ b/etc/group
@@ -34,5 +34,5 @@ ntpd:x:997:
 rpc:x:996:
 _mlocate:x:995:
 _apache:x:994:
-_gitea:x:993:
-_terrastate:x:992:
+_forgejo:x:993:
+_ts:x:992:
diff --git a/etc/gshadow.gpg b/etc/gshadow.gpg
index 3f112f6..9dc97b0 100644
--- a/etc/gshadow.gpg
+++ b/etc/gshadow.gpg
@@ -1,3 +1 @@
-Œ	b§cù¡$òÒÀ>B¤ýî0‚~J˜:ßŸâX…½ÿ\M¼ Û3Vø½-°34ùŒúU…%‰8œ–=§ðßYÑ¥ñáøèj*Y¿£gÓïÐ†W÷µOšâIõq0Y'rÄA<ý£Ý*m§bÓ:…^HÑ
-è+<Ÿeñ‹ZUÿ¬‰Yß²Æë“ª”k‰ëÐ¡v#Y3¿Ì^Ær}æe¸z #‘
-ES9,‡ÿÄv¦½çûJð¬sæ¢WÇš`š=dÓè#—Á]osœÔ]ä.qÀP’RÌ{û·Çv—õH²×A^Ã°ÖvsŽ*ç4ÇgümêÝÑŸàð…=
\ No newline at end of file
+Œ	c»¿”ú áòÒÀ>Dá-Ùô8žö]Åá¬¸êßÃœÀ	ß¤zd*‡œÄ•Œò”·^y0Ú?AÐkìåÌ°°á'o”Ás­Éb·Bc1k2jÆýí†çT'PV¥wªo%]¯"ÈÐ¼0+HË,G/;9¡þŠ`R±ùá0ÒT2>{"š¯Óo]ë#àç¡üª¹3Pã-ŽËKæÃkš°bµrM«¨žÆ/·ÒÚËF£?MW]Ÿµ!Ï÷ëÜT<0’D(ìVh¾E£‰TPY:!ãå¼z´ýŠ7{!Ó·gæúÍ¼ ³äC¼Q^»WÇ€ÌòñL)­Ös’0Ú]ÙŽ*
\ No newline at end of file
diff --git a/etc/passwd b/etc/passwd
index f21e04b..ae39556 100644
--- a/etc/passwd
+++ b/etc/passwd
@@ -7,5 +7,5 @@ ntpd:x:997:997:ntpd unprivileged user:/var/db/ntpd:/sbin/nologin
 rpc:x:996:996:rpc unprivileged user:/var/empty:/sbin/nologin
 _mlocate:x:995:995:_mlocate unprivileged user:/var/empty:/sbin/nologin
 _apache:x:994:994:_apache unprivileged user:/srv/www/apache:/sbin/nologin
-_gitea:x:993:993:_gitea unprivileged user:/var/lib/gitea:/bin/bash
-_terrastate:x:992:992:_terrastate unprivileged user:/var/lib/terrastate:/sbin/nologin
+_forgejo:x:993:993:_forgejo unprivileged user:/var/lib/forgejo:/bin/bash
+_ts:x:992:992:_ts unprivileged user:/var/lib/ts:/bin/bash
diff --git a/etc/php8.2/.gitignore b/etc/php8.2/.gitignore
deleted file mode 100644
index 1a34856..0000000
--- a/etc/php8.2/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*.default
diff --git a/etc/php8.3/.gitignore b/etc/php8.3/.gitignore
new file mode 100644
index 0000000..dc05967
--- /dev/null
+++ b/etc/php8.3/.gitignore
@@ -0,0 +1 @@
+/*.orig
diff --git a/etc/php8.2/php-fpm.conf b/etc/php8.3/php-fpm.conf
similarity index 100%
rename from etc/php8.2/php-fpm.conf
rename to etc/php8.3/php-fpm.conf
diff --git a/etc/php8.3/php-fpm.d/.gitignore b/etc/php8.3/php-fpm.d/.gitignore
new file mode 100644
index 0000000..dc05967
--- /dev/null
+++ b/etc/php8.3/php-fpm.d/.gitignore
@@ -0,0 +1 @@
+/*.orig
diff --git a/etc/php8.2/php-fpm.d/www.conf b/etc/php8.3/php-fpm.d/www.conf
similarity index 100%
rename from etc/php8.2/php-fpm.d/www.conf
rename to etc/php8.3/php-fpm.d/www.conf
diff --git a/etc/php8.2/php.ini b/etc/php8.3/php.ini
similarity index 100%
rename from etc/php8.2/php.ini
rename to etc/php8.3/php.ini
diff --git a/etc/pkglist b/etc/pkglist
index c00e350..49859da 100644
--- a/etc/pkglist
+++ b/etc/pkglist
@@ -21,6 +21,9 @@ bash
 bc
 bind-libs
 bind-utils
+binutils
+binutils-doc
+binutils-libs
 brltty
 brotli
 btrfs-progs
@@ -67,7 +70,7 @@ gawk
 gdbm
 gdk-pixbuf
 git
-gitea
+git-lfs
 glib
 glibc
 glibc-locales
@@ -75,6 +78,7 @@ glibmm
 gmp
 gnupg
 gnutls
+go
 graphite
 grep
 grub
@@ -131,8 +135,10 @@ libargon2
 libaspell
 libassuan
 libasyncns
+libatomic
 libblkid
 libbluetooth
+libbpf
 libcap
 libcap-ng
 libcap-progs
@@ -143,6 +149,7 @@ libcups
 libcurl
 libdatrie
 libdb
+libdebuginfod
 libdrm
 libedit
 libefivar
@@ -172,6 +179,7 @@ libjpeg-turbo
 libkeyutils
 libkmod
 libksba
+liblastlog2
 libldap
 libldns
 libltdl
@@ -197,6 +205,7 @@ libpciaccess
 libpcre
 libpcre2
 libpng
+libpsl
 libpulseaudio
 libreadline8
 librsvg
@@ -230,6 +239,9 @@ libvoikko
 libvorbis
 libxbps
 libxcb
+libxcrypt
+libxcrypt-compat
+libxcrypt-devel
 libxkbcommon
 libxkbfile
 libxml2
@@ -245,9 +257,11 @@ linux-firmware-intel
 linux-firmware-network
 linux-firmware-nvidia
 linux6.5
+linux6.6
 logrotate
 lowdown
 lsof
+lua54
 lvm2
 lynx
 lzo
@@ -313,24 +327,25 @@ php-snmp
 php-sqlite
 php-tidy
 php-xsl
-php8.2
-php8.2-cgi
-php8.2-enchant
-php8.2-fpm
-php8.2-intl
-php8.2-ldap
-php8.2-mysql
-php8.2-odbc
-php8.2-snmp
-php8.2-sqlite
-php8.2-tidy
-php8.2-xsl
+php8.3
+php8.3-cgi
+php8.3-enchant
+php8.3-fpm
+php8.3-intl
+php8.3-ldap
+php8.3-mysql
+php8.3-odbc
+php8.3-snmp
+php8.3-sqlite
+php8.3-tidy
+php8.3-xsl
 pick
 pinentry
 pinfo
 pixman
 popt
 procps-ng
+public-suffix
 python3
 python3-pip
 python3-setuptools
@@ -352,6 +367,8 @@ sqlite
 sshguard
 sudo
 tar
+terraform
+tflint
 thin-provisioning-tools
 tiff
 traceroute
diff --git a/etc/runit/runsvdir/default/forgejo b/etc/runit/runsvdir/default/forgejo
new file mode 120000
index 0000000..759ba08
--- /dev/null
+++ b/etc/runit/runsvdir/default/forgejo
@@ -0,0 +1 @@
+/etc/sv/forgejo
\ No newline at end of file
diff --git a/etc/runit/runsvdir/default/gitea b/etc/runit/runsvdir/default/gitea
deleted file mode 120000
index f9ec528..0000000
--- a/etc/runit/runsvdir/default/gitea
+++ /dev/null
@@ -1 +0,0 @@
-/etc/sv/gitea
\ No newline at end of file
diff --git a/etc/runit/runsvdir/default/php-fpm8.2 b/etc/runit/runsvdir/default/php-fpm8.2
deleted file mode 120000
index e3e497f..0000000
--- a/etc/runit/runsvdir/default/php-fpm8.2
+++ /dev/null
@@ -1 +0,0 @@
-/etc/sv/php-fpm8.2
\ No newline at end of file
diff --git a/etc/runit/runsvdir/default/php-fpm8.3 b/etc/runit/runsvdir/default/php-fpm8.3
new file mode 120000
index 0000000..5f597ee
--- /dev/null
+++ b/etc/runit/runsvdir/default/php-fpm8.3
@@ -0,0 +1 @@
+/etc/sv/php-fpm8.3
\ No newline at end of file
diff --git a/etc/runit/runsvdir/default/terraform-http-backend b/etc/runit/runsvdir/default/terraform-http-backend
new file mode 120000
index 0000000..823408b
--- /dev/null
+++ b/etc/runit/runsvdir/default/terraform-http-backend
@@ -0,0 +1 @@
+/etc/sv/terraform-http-backend
\ No newline at end of file
diff --git a/etc/runit/shutdown.d/75-force-unmounts.sh b/etc/runit/shutdown.d/75-force-unmounts.sh
deleted file mode 100644
index dca93ea..0000000
--- a/etc/runit/shutdown.d/75-force-unmounts.sh
+++ /dev/null
@@ -1 +0,0 @@
-umount -f -r -a -t nosysfs,noproc,nodevtmpfs,notmpfs
diff --git a/etc/runit/shutdown.d/75-unmount-remote.sh b/etc/runit/shutdown.d/75-unmount-remote.sh
new file mode 100644
index 0000000..c22da26
--- /dev/null
+++ b/etc/runit/shutdown.d/75-unmount-remote.sh
@@ -0,0 +1,5 @@
+msg "Unmounting remote filesystems..."
+
+sync
+
+umount -l -r -t nfs,nfs4
diff --git a/etc/shadow.gpg b/etc/shadow.gpg
index 30ee36e..184887f 100644
Binary files a/etc/shadow.gpg and b/etc/shadow.gpg differ
diff --git a/etc/sv/.gitignore b/etc/sv/.gitignore
index fe594a2..c180873 100644
--- a/etc/sv/.gitignore
+++ b/etc/sv/.gitignore
@@ -32,7 +32,7 @@
 /mdadm/
 /nfs-server/
 /ntpd
-/php-fpm8.2/
+/php-fpm8.3/
 /rpcbind/
 /rpcblkmapd/
 /rpcgssd/
diff --git a/etc/sv/forgejo/.gitignore b/etc/sv/forgejo/.gitignore
new file mode 100644
index 0000000..57e2453
--- /dev/null
+++ b/etc/sv/forgejo/.gitignore
@@ -0,0 +1 @@
+/supervise
diff --git a/etc/sv/forgejo/log/.gitignore b/etc/sv/forgejo/log/.gitignore
new file mode 100644
index 0000000..57e2453
--- /dev/null
+++ b/etc/sv/forgejo/log/.gitignore
@@ -0,0 +1 @@
+/supervise
diff --git a/etc/sv/forgejo/log/run b/etc/sv/forgejo/log/run
new file mode 100755
index 0000000..6ed74fb
--- /dev/null
+++ b/etc/sv/forgejo/log/run
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec vlogger -t forgejo -p daemon
diff --git a/etc/sv/forgejo/run b/etc/sv/forgejo/run
new file mode 100755
index 0000000..fb2365b
--- /dev/null
+++ b/etc/sv/forgejo/run
@@ -0,0 +1,13 @@
+#!/bin/sh
+exec 2>&1
+
+# USER and HOME are needed because gitea doesn't actually check the user it
+# runs as, but instead just grabs the variables from the variables.
+export USER=_forgejo
+export HOME=/data/var/forgejo
+
+# gitea needs to run from its home for SSH to work properly
+export GITEA_WORK_DIR="${HOME}"
+
+cd "${HOME}"
+exec chpst -u _forgejo:_forgejo /opt/bin/forgejo web --config /etc/forgejo.conf 2>&1
diff --git a/etc/sv/terraform-http-backend/.gitignore b/etc/sv/terraform-http-backend/.gitignore
new file mode 100644
index 0000000..57e2453
--- /dev/null
+++ b/etc/sv/terraform-http-backend/.gitignore
@@ -0,0 +1 @@
+/supervise
diff --git a/etc/sv/terraform-http-backend/conf b/etc/sv/terraform-http-backend/conf
new file mode 120000
index 0000000..e2cdc10
--- /dev/null
+++ b/etc/sv/terraform-http-backend/conf
@@ -0,0 +1 @@
+/etc/default/terraform-http-backend
\ No newline at end of file
diff --git a/etc/sv/terraform-http-backend/log/.gitignore b/etc/sv/terraform-http-backend/log/.gitignore
new file mode 100644
index 0000000..57e2453
--- /dev/null
+++ b/etc/sv/terraform-http-backend/log/.gitignore
@@ -0,0 +1 @@
+/supervise
diff --git a/etc/sv/terraform-http-backend/log/run b/etc/sv/terraform-http-backend/log/run
new file mode 100755
index 0000000..6a2435b
--- /dev/null
+++ b/etc/sv/terraform-http-backend/log/run
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec vlogger -t terraform-http-backend -p daemon
diff --git a/etc/sv/terraform-http-backend/run b/etc/sv/terraform-http-backend/run
new file mode 100755
index 0000000..09236ef
--- /dev/null
+++ b/etc/sv/terraform-http-backend/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+exec 2>&1
+[ -r conf ] && . ./conf
+exec chpst -u _ts:_ts /opt/bin/terraform-http-backend 2>&1
