diff --git a/configuration/default.nix b/configuration/default.nix
index 610851a..5d491af 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -18,7 +18,6 @@
     ./services/conduit.nix
     ./services/foundryvtt.nix
     ./services/gitea.nix
-    ./services/metrics.nix
     ./services/nextcloud.nix
     ./services/webserver.nix
     ./services/wireguard.nix
diff --git a/configuration/services/metrics.nix b/configuration/services/metrics.nix
deleted file mode 100644
index 12a48e0..0000000
--- a/configuration/services/metrics.nix
+++ /dev/null
@@ -1,86 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}: let
-  domain = "metrics.${config.services.nginx.domain}";
-  yaml = pkgs.formats.yaml {};
-in {
-  services.victoriametrics.enable = true;
-
-  services.grafana = {
-    enable = true;
-    settings = {
-      server.http_port = 3001; # Default overlaps with gitea
-
-      security = {
-        admin_user = "tlater";
-        admin_password = "$__file{${config.sops.secrets."grafana/adminPassword".path}}";
-        secret_key = "$__file{${config.sops.secrets."grafana/secretKey".path}}";
-        cookie_secure = true;
-        cookie_samesite = "strict";
-        content_security_policy = true;
-      };
-
-      database = {
-        user = "grafana";
-        name = "grafana";
-        type = "postgres";
-        host = "/run/postgresql";
-      };
-    };
-
-    provision = {
-      enable = true;
-
-      datasources.settings.datasources = [
-        {
-          name = "Victoriametrics - tlater.net";
-          url = "http://localhost:8428";
-          type = "prometheus";
-        }
-      ];
-    };
-  };
-
-  services.prometheus.exporters = {
-    node = {
-      enable = true;
-      enabledCollectors = ["systemd"];
-      listenAddress = "127.0.0.1";
-    };
-  };
-
-  systemd.services.export-to-victoriametrics = let
-    promscrape = yaml.generate "prometheus.yml" {
-      scrape_configs = [
-        {
-          job_name = "tlater.net";
-          static_configs = [
-            {
-              targets =
-                lib.mapAttrsToList (name: exporter: "${exporter.listenAddress}:${toString exporter.port}")
-                (lib.filterAttrs (name: exporter: (builtins.isAttrs exporter) && exporter.enable)
-                  config.services.prometheus.exporters);
-            }
-          ];
-        }
-      ];
-    };
-  in {
-    enable = true;
-    path = [pkgs.victoriametrics];
-    wantedBy = ["multi-user.target"];
-    script = "vmagent -promscrape.config=${promscrape} -remoteWrite.url=http://localhost:8428/api/v1/write";
-  };
-
-  services.nginx.virtualHosts."${domain}" = {
-    forceSSL = true;
-    enableACME = true;
-    extraConfig = ''
-      add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
-    '';
-    locations."/".proxyPass = "http://localhost:3001";
-  };
-}
diff --git a/configuration/services/postgres.nix b/configuration/services/postgres.nix
index 923007d..6c584bb 100644
--- a/configuration/services/postgres.nix
+++ b/configuration/services/postgres.nix
@@ -16,12 +16,6 @@
     # that operation needs to be performed manually on the system as
     # well.
     ensureUsers = [
-      {
-        name = "grafana";
-        ensurePermissions = {
-          "DATABASE grafana" = "ALL PRIVILEGES";
-        };
-      }
       {
         name = "nextcloud";
         ensurePermissions = {
@@ -31,7 +25,6 @@
     ];
 
     ensureDatabases = [
-      "grafana"
       "nextcloud"
     ];
   };
diff --git a/configuration/sops.nix b/configuration/sops.nix
index 6eae9fc..269fa58 100644
--- a/configuration/sops.nix
+++ b/configuration/sops.nix
@@ -3,37 +3,28 @@
     defaultSopsFile = ../keys/production.yaml;
 
     secrets = {
-      # Grafana
-      "grafana/adminPassword" = {
-        owner = "grafana";
-        group = "grafana";
-      };
-      "grafana/secretKey" = {
-        owner = "grafana";
-        group = "grafana";
-      };
-
-      # Heisenbridge
-      "heisenbridge/as-token" = {};
-      "heisenbridge/hs-token" = {};
-
-      # Nextcloud
       "nextcloud/tlater" = {
         owner = "nextcloud";
         group = "nextcloud";
       };
 
-      # Restic
+      "steam/tlater" = {};
+
+      "heisenbridge/as-token" = {};
+      "heisenbridge/hs-token" = {};
+
+      "wireguard/server-key" = {
+        owner = "root";
+        group = "systemd-network";
+        mode = "0440";
+      };
+
       "restic/local-backups" = {
         owner = "root";
         group = "backup";
         mode = "0440";
       };
 
-      # Steam
-      "steam/tlater" = {};
-
-      # Turn
       "turn/env" = {};
       "turn/secret" = {
         owner = "turnserver";
@@ -44,13 +35,6 @@
       "turn/ssl-cert" = {
         owner = "turnserver";
       };
-
-      # Wireguard
-      "wireguard/server-key" = {
-        owner = "root";
-        group = "systemd-network";
-        mode = "0440";
-      };
     };
   };
 }
diff --git a/keys/production.yaml b/keys/production.yaml
index 87ef3c4..f8d259d 100644
--- a/keys/production.yaml
+++ b/keys/production.yaml
@@ -1,5 +1,3 @@
-metrics:
-    tlater: ENC[AES256_GCM,data:4nB0H45nlongb0x1OOKzNXIk96PovZ7OwENovnBZUwMl9ncfYwTHT30OlLsPA75w1govH0jyBRkn1Pe/qHzY1Zt53B8=,iv:AfZ4So6HnjOXzqiHM3WpOsQZJs2CEckuxGfyDxc4TNA=,tag:fIXOKJSVDLpLbiLd2zAu9w==,type:str]
 nextcloud:
     tlater: ENC[AES256_GCM,data:zNsPm4uFaIRe3LjcwmayRg==,iv:5wam6bP5zP708jC9UrLV0s8qspl3Pm4fPzbMFYBUyPQ=,tag:apnJUMeJwMn9q0NhO4ptmA==,type:str]
 steam:
@@ -23,8 +21,8 @@ sops:
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2023-09-25T00:42:25Z"
-    mac: ENC[AES256_GCM,data:28o/elUKslgn5auYfr34N9fE7B6EoZ6njL6yT0emjfoTjsCADJOLcHfUDNWb3AMP3Z5e/w8WsxI7MpwuwUXRvZ6u9Kui1IBcQu/V6GEzpBVw7JkLHZvsUFHOj/uEBcPvON7pKfXtG3vdH8FF1cxeenFm1Z0cX4C0WrNaxumGknA=,iv:GYK0/JZtCkbVorus+9HQbtxAnIXviiNkoC9dMqTHflM=,tag:R3N5hf/UV2nqyOI50Imr6g==,type:str]
+    lastmodified: "2023-09-23T18:55:44Z"
+    mac: ENC[AES256_GCM,data:psqgXozY9L7nduZ11GF+mbIrZ4RUySqBixkWL5z0cYeoLA3URb/dr028LCmNgQS9l8aJVsjVkyLBJIU/8wmiUNqRy/VI5iqV5mu+sxXhUVwFL0dAAWP1lOKwwT5uGK89/ioqkphgzuWD37vGe2vYddKkJF0M+zlz12fqkMjaisU=,iv:UyRoJbfuGU3K/Mp5DQ1kY0Z+nKSSo46BGNAcxt+vAvc=,tag:HkP6+qxQ8J/xAYJXYoG/6g==,type:str]
     pgp:
         - created_at: "2022-10-12T00:46:51Z"
           enc: |
diff --git a/keys/staging.yaml b/keys/staging.yaml
index 86ce700..a6b0849 100644
--- a/keys/staging.yaml
+++ b/keys/staging.yaml
@@ -1,6 +1,3 @@
-grafana:
-    adminPassword: ENC[AES256_GCM,data:dYfaxUpQpzA=,iv:j5wSem8C5+V4c5qRzXQJhsU7/FOtpvrnaEyFBmW6zJ4=,tag:oc8n3TkEbjF2gjuOobZuLA==,type:str]
-    secretKey: ENC[AES256_GCM,data:Atruvh2MsNY=,iv:y2MaCUCEzGIydHp6G0DJHfk289S1is0twKm2oUYwDhM=,tag:nAWeg+YqaYqk6k22oBkAhQ==,type:str]
 nextcloud:
     tlater: ENC[AES256_GCM,data:91kDcO4hpng=,iv:ayuILRmRru4ZxTCur9H2xHuLjkDzwPdS/4lEog/tesU=,tag:qYhJxnNDcCwUM7xe7Tlcjw==,type:str]
 steam:
@@ -24,8 +21,8 @@ sops:
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2023-10-01T23:00:06Z"
-    mac: ENC[AES256_GCM,data:oEJ3Nwlx5YTVLvWa12On1O+LakU42rsAD1wD52MTlzuwgyRZ/g49pL6pQiL6S0uE7wC0EOqOvg2pCtDxxHe3WNjEpcxnWWftdEjw2laLnBuOqduQmVW+Sn23SzoRkl7PwOH1jTQHzRyciyYkJT1/vCNnbNdKg1eqnbpxPysg6/A=,iv:dC8eNEXhzC8Nx1rfXQdDKtlO01QhyW9ncNFEK/yakrg=,tag:vQ4AW/mqnA9Vs5NNzFsYWQ==,type:str]
+    lastmodified: "2023-09-22T21:07:02Z"
+    mac: ENC[AES256_GCM,data:gItC41S8MInLmikdH1okhPs+FVf8sCF/iQeJ5reigBunHkOngoc6nOFANyAcNZETszzhgTLXXtmVNEjW46v6K7D6nmoi/zwpedUxwzMwDC5I28VTMDHVMAThYSGtdo6kig8i2pi8rzEQd1DStxMv3TWML5y6DDTlFsd3lfudaHA=,iv:zXebvIVPR76GwUhpactwRgF/eEmx2OBkT18E8lkwzRA=,tag:6HyISACbFCGlpIIgkFeA/A==,type:str]
     pgp:
         - created_at: "2022-10-12T16:48:23Z"
           enc: |