diff --git a/hosts/ami/woodpecker.nix b/hosts/ami/woodpecker.nix
index 9103c89..f771ea9 100644
--- a/hosts/ami/woodpecker.nix
+++ b/hosts/ami/woodpecker.nix
@@ -1,11 +1,17 @@
-{config, ...}: {
+{
+  config,
+  pkgs,
+  ...
+}: {
   age.secrets.woodpecker.file = ../../secrets/woodpecker.age;
 
   services = let
     port = 3007;
+    grpc-port = 9000;
   in {
     woodpecker-server = {
       enable = true;
+      package = pkgs.unstable.woodpecker-server;
 
       environment = {
         WOODPECKER_OPEN = "true";
@@ -13,6 +19,7 @@
         WOODPECKER_ADMIN = "chef";
         WOODPECKER_HOST = "https://build.buffets.kitchen/";
         WOODPECKER_SERVER_ADDR = ":${toString port}";
+        WOODPECKER_GRPC_ADDR = ":${toString port}";
 
         WOODPECKER_FORGEJO = "true";
         WOODPECKER_FORGEJO_URL = "https://buffets.kitchen/";
@@ -21,6 +28,21 @@
       environmentFile = config.age.secrets.woodpecker.path;
     };
 
+    woodpecker-agents.agents = {
+      podman = {
+        package = pkgs.unstable.woodpecker-agent;
+
+        environment = {
+          WOODPECKER_SERVER = "localhost:${toString grpc-port}";
+          WOODPECKER_BACKEND = "docker";
+          DOCKER_HOST = "unix:///run/podman/podman.sock";
+        };
+
+        environmentFile = config.age.secrets.woodpecker.path;
+        extraGroups = ["podman"];
+      };
+    };
+
     nginx = {
       virtualHosts."build.buffets.kitchen" = {
         useACMEHost = "buffet.sh";
diff --git a/secrets/woodpecker.age b/secrets/woodpecker.age
index f7ce12f..750faf7 100644
Binary files a/secrets/woodpecker.age and b/secrets/woodpecker.age differ