diff --git a/flake.nix b/flake.nix
index 570e836..315185a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -35,7 +35,10 @@
     nixos-generators.url = "github:nix-community/nixos-generators";
 
     # Iceshrimpy
-    iceshrimp.url = "git+https://iceshrimp.dev/iceshrimp/packaging";
+    iceshrimp = {
+      url = "git+https://iceshrimp.dev/iceshrimp/packaging";
+      inputs.nixpkgs.follows = "nixpkgs-unstable";
+    };
 
     # Self
     noe-sh = {
diff --git a/nixos/hosts/porcelain-doll-repair/default.nix b/nixos/hosts/porcelain-doll-repair/default.nix
index b6fa550..e0dbf70 100644
--- a/nixos/hosts/porcelain-doll-repair/default.nix
+++ b/nixos/hosts/porcelain-doll-repair/default.nix
@@ -1,19 +1,24 @@
-{ inputs, ... }: {
+{ inputs,  config, ... }: {
   imports = [
     ../../templates/proxmox-lxc.nix
     ../../server.nix
     ../../features/dns-cache.nix
     ../../features/telemetry
-    inputs.iceshrimp.nixosModules.iceshrimp
+    inputs.iceshrimp.nixosModules.iceshrimp {}
   ];
 
   networking.hostName = "porcelain-doll-repair";
   system.stateVersion = "24.05";
   nixpkgs.hostPlatform = "x86_64-linux";
 
+  sops.secrets.db_password = {
+    sopsFile = ../../../secrets/porcelain-doll-repair/default.yaml;
+  };
+
   services.iceshrimp = {
     enable = true;
     url = "https://porcelain.doll.repair";
     createDb = true;
+    dbPasswordFile = config.sops.secrets.db_password.path;
   };
 }