diff --git a/argocd/manifests/dex/external-secret.yaml b/argocd/manifests/dex/external-secret.yaml
index 432e9d3..e654e77 100644
--- a/argocd/manifests/dex/external-secret.yaml
+++ b/argocd/manifests/dex/external-secret.yaml
@@ -24,12 +24,15 @@ spec:
             http: 0.0.0.0:5556
           oauth2:
             skipApprovalScreen: true
-          enablePasswordDB: true
-          staticPasswords:
-            - email: "blume.erich@gmail.com"
-              hash: "{{ .staticPasswordHash }}"
-              username: "eblume"
-              userID: "eblume-001"
+          connectors:
+            - type: gitea
+              id: forgejo
+              name: Forgejo
+              config:
+                baseURL: https://forge.ops.eblu.me
+                clientID: "{{ .forgejoClientID }}"
+                clientSecret: "{{ .forgejoClientSecret }}"
+                redirectURI: https://dex.ops.eblu.me/callback
           staticClients:
             - id: grafana
               name: Grafana
@@ -38,10 +41,14 @@ spec:
                 - "https://grafana.ops.eblu.me/login/generic_oauth"
                 - "https://grafana.tail8d86e.ts.net/login/generic_oauth"
   data:
-    - secretKey: staticPasswordHash
+    - secretKey: forgejoClientID
       remoteRef:
         key: "Dex (blumeops)"
-        property: static-password-hash
+        property: forgejo-client-id
+    - secretKey: forgejoClientSecret
+      remoteRef:
+        key: "Dex (blumeops)"
+        property: forgejo-client-secret
     - secretKey: grafanaClientSecret
       remoteRef:
         key: "Dex (blumeops)"