diff --git a/nixos/machines/biskcomp.nix b/nixos/machines/biskcomp.nix
index 894a8c96..aaa06970 100644
--- a/nixos/machines/biskcomp.nix
+++ b/nixos/machines/biskcomp.nix
@@ -1,4 +1,4 @@
-{ pkgs, forEachUser, ... }:
+{ pkgs, forEachUser, config, ... }:
 let biskcomp-nginx-hostnames = "192.168.1.44 railbird.ai 1896Folsom.duckdns.org biskcomp.local 0.0.0.0 67.162.131.71";
 in
 {
@@ -65,6 +65,17 @@ in
     };
   };
 
+  age.secrets.discourse-admin-password = {
+    file = ./secrets/discourse-admin-password.age;
+  };
+
+  services.discourse = {
+    enable = true;
+    enableACME = true;
+    hostname = "discourse.railbird.ai";
+    admin.passwordFile = config.age.secrets.discourse-admin-password.path;
+  };
+
   services.nginx = {
     enable = true;
     recommendedProxySettings = true;
diff --git a/nixos/secrets/discourse-admin-password.age b/nixos/secrets/discourse-admin-password.age
new file mode 100644
index 00000000..2c345a71
Binary files /dev/null and b/nixos/secrets/discourse-admin-password.age differ
diff --git a/nixos/secrets/secrets.nix b/nixos/secrets/secrets.nix
index ecf7be5e..54c4839b 100644
--- a/nixos/secrets/secrets.nix
+++ b/nixos/secrets/secrets.nix
@@ -17,4 +17,5 @@ in
   "1896Folsom-k3s-token.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
   "api_service_account_key.json.age".publicKeys = keys.agenixKeys;
   "k3s-registry.yaml.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
+  "discourse-admin-password.age".publicKeys = keys.hostKeys;
 }