diff --git a/secrets/forgejo-runner-token.age b/secrets/forgejo-runner-token.age deleted file mode 100644 index 451b4ed..0000000 Binary files a/secrets/forgejo-runner-token.age and /dev/null differ diff --git a/secrets/initialPassword.age b/secrets/initialPassword.age new file mode 100644 index 0000000..beb356e --- /dev/null +++ b/secrets/initialPassword.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 OWkVXw Kp9otTIwi3SuVG43UebS2B+bvp6uy81KIIPIeJSW8iE +xXX6N1WrkxNLOC4ClZo9XzUZOdFK6210trH2GS5+N0E +-> ssh-ed25519 MTO1pg 70GcDYGKyG0w0s1ehWvcid1JKNRY3vRPeQhnEfHDWBI +Fcq3ZR6iA0J4CUBuQeVIyRoGMu88bd9oBrwGCJKicBE +-> ssh-ed25519 wnEUpw m7HRrztgLMS90k3cwzqBkMKfbji0Ub8atDwTGJNeq0c +rEPjFTG+hEPHNoLOyhmcY4QMJ4DYIIhBR10GVZqcIuo +--- eXz18+bRHesrblBjD/aqwFkAXUhEL741swR1csHpoXU +Ô|}pÁ#¢ç®,\‚m:(·¸ª# ëHH¡aÃÒ¸ß_~ª7 ž(5EgÈÏOQY[»r U;e \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 6e0d22d..356f51e 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -9,8 +9,7 @@ let systems = [ forgejo grafana ]; in { - "forgejo-runner-token.age".publicKeys = [ tbarnouin forgejo ]; - "../services/forgejo-runner/secrets/forgejo-runner-token.age".publicKeys = [ tbarnouin forgejo ]; + "initialPassword.age".publicKeys = users ++ systems; "../services/grafana/secrets/grafana-db.age".publicKeys = [ tbarnouin grafana ]; "../services/grafana/secrets/kuma-token.age".publicKeys = [ tbarnouin grafana ]; } diff --git a/services/minimalConfig/default.nix b/services/minimalConfig/default.nix index 6f7f638..e62bfea 100644 --- a/services/minimalConfig/default.nix +++ b/services/minimalConfig/default.nix @@ -28,6 +28,7 @@ options = "--delete-older-than 7d"; }; + age.secrets.initialPassword.file = ./secrets/initialPassword.age; security.sudo.wheelNeedsPassword = false; users = { users.tbarnouin = { 
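Review bot: The new rule `"initialPassword.age".publicKeys = users ++ systems;` in secrets/secrets.nix makes one account password decryptable by every host key in `systems`, so compromise of any single machine discloses a credential that is valid on all of them. If the shared secret is intentional, say so next to the rule, e.g. `# shared bootstrap password: readable by every host, rotate after first login`; otherwise prefer one secret per host. The same hunk drops both forgejo-runner-token rules. If that token is being retired rather than moved, it should presumably also be revoked on the Forgejo side, because the old ciphertext remains in git history.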
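Review bot: The path `./secrets/initialPassword.age` in the added `age.secrets.initialPassword.file` line resolves relative to `services/minimalConfig/`, but this commit adds the ciphertext at `secrets/initialPassword.age` in the repository root and registers it in `secrets/secrets.nix` under that location. Unless a second copy exists outside this diff, evaluation will fail on a missing path. `age.secrets.initialPassword.file = ../../secrets/initialPassword.age;` would match the file added here. The enclosing attribute set starts and ends outside the hunk.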
@@ -38,7 +39,7 @@
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICf1B0nxNMvPWSR9pStdtx2x6Iw+JUeCCt1CKWoD8dsr"
 ];
- initialPassword = "test";
+ initialPassword = config.age.initialPassword.path;
 };
 users.root = {
 openssh.authorizedKeys.keys = [
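Review bot: The added line `initialPassword = config.age.initialPassword.path;` does not protect the password as intended, for two reasons. agenix exposes the decrypted location as `config.age.secrets.initialPassword.path`, so the `secrets` level is missing here. More importantly, `users.users.<name>.initialPassword` takes the literal plaintext password, so even with the attribute corrected the account password would become the path string itself, which is predictable and still ends up in the world-readable Nix store. Use `hashedPasswordFile = config.age.secrets.initialPassword.path;` (`passwordFile` on older NixOS releases) and store a hash, for example from `mkpasswd`, as the secret's content. Accounts already created with the previous value `"test"` keep it until the password is changed, so rotate it on existing hosts, particularly given `security.sudo.wheelNeedsPassword = false` in this module.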