diff --git a/README.org b/README.org
index 23a4fff..7310a7c 100755
--- a/README.org
+++ b/README.org
@@ -169,10 +169,6 @@ A bit on the nose for a transfemme into computers, but my chosen name is also Ma
 Used as a server admin account with little configuration.
-** public
-
-Another low-config, low-permission user for access to public resources.
-
 * ~sydnix-cli~
 sydnix-cli is a command-line utility written in Clojure wrapping various sydnix-related scripts.
diff --git a/hosts/deertopia/configuration.nix b/hosts/deertopia/configuration.nix
index 5cfff58..f98416c 100755
--- a/hosts/deertopia/configuration.nix
+++ b/hosts/deertopia/configuration.nix
@@ -10,7 +10,6 @@
 users.users = [
 "lain"
- "public"
 ];
 impermanence = {
@@ -55,6 +54,7 @@
 deertopia = {
 nginx.enable = true;
 webdav.enable = true;
+ bepasty.enable = true;
 # A simple default webpage. This should probably live somewhere else.
 nginx.vhosts."www" = {
diff --git a/modules/nixos/deertopia/bepasty.nix b/modules/nixos/deertopia/bepasty.nix
new file mode 100644
index 0000000..5270828
--- /dev/null
+++ b/modules/nixos/deertopia/bepasty.nix
@@ -0,0 +1,50 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let cfg = config.sydnix.deertopia.bepasty;
+in {
+ options = {
+ sydnix.deertopia.bepasty = {
+ enable = mkEnableOption "Bepasty";
+
+ port = lib.mkOption {
+ default = 22018;
+ type = lib.types.port;
+ description = ''
+ The internal port Bepasty is served on. The actual server will be
+ hosted at https://bin.deertopia.net:80/.
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ sydnix.sops.secrets.bepasty-secret-key = {};
+ sydnix.sops.secrets.bepasty-secret-config = {};
+
+ sydnix.impermanence.directories = [
+ config.services.bepasty.servers."bin.deertopia.net".workDir
+ config.services.bepasty.servers."bin.deertopia.net".dataDir
+ ];
+
+ services.bepasty = {
+ enable = true;
+ servers."bin.deertopia.net" = {
+ secretKeyFile = "/run/secrets/bepasty-secret-key";
+ extraConfig = ''
+ $(cat /run/secrets/bepasty-secret-config)
+ '';
+ bind = "127.0.0.1:${builtins.toString cfg.port}";
+ };
+ };
+
+ sydnix.deertopia.nginx.vhosts."bin".vhost = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://localhost:${builtins.toString cfg.port}";
+ };
+ };
+ };
+}
diff --git a/secrets.yaml b/secrets.yaml
index f906568..1910c9d 100755
--- a/secrets.yaml
+++ b/secrets.yaml
@@ -1,4 +1,6 @@
 nextcloud-admin: ENC[AES256_GCM,data:MfHTZw5Co7DdY6uYT7e4ydoVPg==,iv:KqK/UaDpiEM5MnR86peGZ4iLfhC5JK4IOdI2T7RDZNg=,tag:Tpx2FdYavXud4OLcT7drTQ==,type:str]
+bepasty-secret-key: ENC[AES256_GCM,data:JmR425LSZP0/kVQAkLfAettWyQmRpLF9CiZOfcnzr4Hdp8TP8doSKqv7+ggJfP2cKa3C9JHUXcKjEjZ5g0wllQ==,iv:XUg3ii7sJ8BScA1aA+AAoocV4CYn3pMQ2aMjrfZeQM0=,tag:uKMwnDxJFhHatpjLfJV73Q==,type:str]
+bepasty-secret-config: ENC[AES256_GCM,data:saI2S/E38x/Kj0OP4Zvoi+Gs0HWkEYgePOxMYbWGDyR2E3wxfZJzETI7PsR2vVdFdMYFq9Nn0NlydwgX9N+DPSH1o7lHkYSC9OAGGbaGb1BjsLCGu8n0fcBwGF1g+yqMD3bEZTIOa7pV2bzekciDbQ==,iv:MaJM2krIKzoz10v+5jxJBiTsFzJ4MpfqAxeX5rmhQoE=,tag:1QRaS7rR0yO7C89ye44plw==,type:str]
 sops:
 kms: []
 gcp_kms: []
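Review bot: In modules/nixos/deertopia/bepasty.nix, the `$(cat /run/secrets/bepasty-secret-config)` line in `extraConfig` only works if the upstream bepasty module renders its config through a shell that expands command substitutions at service start. That appears to be the case but is not a documented contract, so the line deserves a comment such as `# Expanded by the unit's pre-start shell, which keeps the secret out of the Nix store.` The expanded secret presumably ends up in the rendered config file under `workDir`, which this hunk also persists through `sydnix.impermanence.directories`, so that file's owner and mode are worth checking on the host. Separately, `bind` uses `127.0.0.1` while `proxyPass` uses `localhost`, which nginx may also resolve to `::1` where nothing listens; `proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}";` keeps the two in agreement. The option description's `https://bin.deertopia.net:80/` also pairs the HTTPS scheme with the plain-HTTP port.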
@@ -14,8 +16,8 @@ sops:
 aXZvL3RJRUtkOXR5OTFxcC9saXhGYVUKymDTIoxeHgJiM0rly5Zbp8kYoIUmmsWL
 CMfXunhtA+u/vjDUHjyj41TTFbZMVl8FUzqMYoMxhIH6dQw8u1HKBA==
 -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-01-18T16:35:24Z"
- mac: ENC[AES256_GCM,data:1oYl56zjPnzzX9pBMDwbnoZFiu+k9OXlz9bEnTXl6Flr7+D3sZZIo5I6IidvRdMU8kHBOA87pascTqhFd/LUkU3HOpF0CgQUxjwcKIbSZ2OEp/xKCh9C9trDXUh62eZrcgrjT5ST2r8uNcicKWKZVQxAa0S2AKd+5apUAvSouAE=,iv:X7EhB8l230wZviAw1lpj1G8KAhhcDvuoA+prbpLENUQ=,tag:uA0997qvRb8DZqBs5a32hg==,type:str]
+ lastmodified: "2025-01-23T22:52:16Z"
+ mac: ENC[AES256_GCM,data:AOctu7cwFNd0ivmZgvii55aS7Mj9IAvjrCSmFKrnMz6qlQy5pj5PVcU3FlZYDhWyelDggyhuhYeI7k3Aisq0pOFEIAMiGsH6T4vP6pJVLGSNkfmu1IXJj6wtdYQDscxdnQwVokOqXX9IufEAxCctBbMb7ok/f9NgD8j0X8kjXPM=,iv:4TSfRyb8NPE9WJMugl3AS8Nkveph/40jv+TlRTPedWY=,tag:CkHiWABRaL7vBHvJvbbbNA==,type:str]
 pgp: []
 unencrypted_suffix: _unencrypted
 version: 3.9.1
diff --git a/users/public/default.nix b/users/public/default.nix
deleted file mode 100755
index 472d66f..0000000
--- a/users/public/default.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- systemConfiguration = { config, ... }: {
- isNormalUser = true;
- extraGroups = [ ];
- initialHashedPassword =
- "$y$j9T$uU64mjI.5Y1JICkKAaIgl0$kkO089hyDp3akSj7ReIKqFthA4T/d1w/nF40a5Tujt1";
- openssh.authorizedKeys.keyFiles = [
- ../../public-keys/crumb-at-guix-rebound.pub
- ];
- };
-
- homeConfiguration = { config, lib, pkgs, ... }: {
- imports = [
- ];
-
- sydnix = {
- };
-
- # Don't touch!
- home.stateVersion = "18.09";
- };
-}