diff --git a/flake.lock b/flake.lock
index fc1e37a..b771396 100644
--- a/flake.lock
+++ b/flake.lock
@@ -177,11 +177,11 @@
     "devour-flake": {
       "flake": false,
       "locked": {
-        "lastModified": 1770055559,
-        "narHash": "sha256-peb6VlxIDoqaHkGPanQ35p8SXy9t54NIJ8XJHgMSuFg=",
+        "lastModified": 1761148089,
+        "narHash": "sha256-Cd9aWk4P2VGYrK2X28D3vVub2kQIaba7tCTVg+G0AII=",
         "owner": "srid",
         "repo": "devour-flake",
-        "rev": "e65d15fd4ef46dbde90ac59be581b2a286c35d0f",
+        "rev": "03d5d9112a79aa6ef80495b325fd015d806b98eb",
         "type": "github"
       },
       "original": {
@@ -1395,15 +1395,16 @@
         "warp-tls-simple": "warp-tls-simple"
       },
       "locked": {
-        "lastModified": 1772203970,
-        "narHash": "sha256-HbGiTFdmLAMOBVEpEfQDGJiuH+VUjZK72EV2BB5RO28=",
+        "lastModified": 1772463598,
+        "narHash": "sha256-cXy69YIjZ+4pPanmctn+ReHhUEtY+GJXihcEYkAt7gM=",
         "owner": "juspay",
         "repo": "vira",
-        "rev": "e93bc5344a11c573e6f1f6f33119855971edd46c",
+        "rev": "83e78a8d0530de7f8468ea546764d50c7328de7c",
         "type": "github"
       },
       "original": {
         "owner": "juspay",
+        "ref": "github",
         "repo": "vira",
         "type": "github"
       }
diff --git a/flake.nix b/flake.nix
index 35a1d16..a7e2f18 100644
--- a/flake.nix
+++ b/flake.nix
@@ -29,7 +29,7 @@
     nixos-vscode-server.url = "github:nix-community/nixos-vscode-server";
     nix-index-database.url = "github:nix-community/nix-index-database";
     nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
-    vira.url = "github:juspay/vira";
+    vira.url = "github:juspay/vira/github";
     nix-ai-tools.url = "github:numtide/nix-ai-tools";
     nix-ai-tools.inputs.nixpkgs.follows = "nixpkgs";
     landrun-nix.url = "github:srid/landrun-nix";
diff --git a/modules/home/services/vira.nix b/modules/home/services/vira.nix
index b4152df..c5acf98 100644
--- a/modules/home/services/vira.nix
+++ b/modules/home/services/vira.nix
@@ -2,6 +2,7 @@
 
 let
   inherit (flake) inputs;
+  inherit (flake.inputs) self;
 in
 {
   imports = [
@@ -12,6 +13,20 @@ in
     config.services.vira.package # For CLI
   ];
 
+  # HACK: Hardcoded UID 1000 - should use config.users.users.srid.uid or similar.
+  # The vira module requires an absolute path, but agenix home-manager uses
+  # ${XDG_RUNTIME_DIR} which isn't resolved at evaluation time.
+  # TODO: Find a proper solution - perhaps contribute a fix to vira to accept
+  # runtime paths, or configure agenix to use a static path.
+  age.secrets."vira-github-private-key.age" = {
+    file = self + /secrets/vira-github-private-key.age;
+    path = "/run/user/1000/agenix/vira-github-private-key.age";
+  };
+  age.secrets."vira-github-webhook-secret.age" = {
+    file = self + /secrets/vira-github-webhook-secret.age;
+    path = "/run/user/1000/agenix/vira-github-webhook-secret.age";
+  };
+
   nix.settings.trusted-users = [ "srid" ]; # For cache?
 
   services.vira = {
@@ -26,6 +41,12 @@ in
     autoBuildNewBranches = true;
     package = inputs.vira.packages.${pkgs.stdenv.hostPlatform.system}.default;
 
+    github = {
+      appId = 2989507;
+      privateKeyFile = config.age.secrets."vira-github-private-key.age".path;
+      webhookSecretFile = config.age.secrets."vira-github-webhook-secret.age".path;
+    };
+
     initialState = {
       repositories = {
         nixos-config = "https://github.com/srid/nixos-config.git";
@@ -43,6 +64,7 @@ in
         unionmount = "https://github.com/srid/unionmount.git";
         ema = "https://github.com/srid/ema.git";
         srid = "https://github.com/srid/srid.git";
+        imako = "https://github.com/srid/imako.git";
         landrun-nix = "https://github.com/srid/landrun-nix.git";
         haskell-template = "https://github.com/srid/haskell-template.git";
         commonmark-wikilink = "https://github.com/srid/commonmark-wikilink.git";
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 420d8cb..40f736d 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -20,4 +20,6 @@ in
   "hackage-password.age".publicKeys = users ++ systems;
   "juspay-anthropic-api-key.age".publicKeys = users ++ systems;
   "beszel-agent-key.age".publicKeys = users ++ systems;
+  "vira-github-webhook-secret.age".publicKeys = users ++ systems;
+  "vira-github-private-key.age".publicKeys = users ++ systems;
 }
diff --git a/secrets/vira-github-private-key.age b/secrets/vira-github-private-key.age
new file mode 100644
index 0000000..f78274b
Binary files /dev/null and b/secrets/vira-github-private-key.age differ
diff --git a/secrets/vira-github-webhook-secret.age b/secrets/vira-github-webhook-secret.age
new file mode 100644
index 0000000..1cc208f
--- /dev/null
+++ b/secrets/vira-github-webhook-secret.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 96IXNQ lbpIjcmNNUmfRQrcpjGGm2CLbp0cre40pMYdup6YqRE
+YJEnkWY+7032s+zJZN4s5VxpYj7NprxJf/Dv1L4sDKE
+-> ssh-ed25519 It7HZQ 21bdLHzL8WpmRfnsw4RMo3qHNl+cR3Lnm93FqiM4biw
+P5BKsRr9LvO595rXWOUQaXpN2W2YYtj0Mva7ejxWiHc
+-> ssh-ed25519 0mMrRw R6n4nt1woSumFv7+eAgWGL2hpasHlQq1NHIZRMQKwQM
+/c2LnoScuHvEVJJNcwDVI1JcMjUgignkV1nQh1hwfyY
+--- TrFVD8zIg3/eUAF2OBERnCFXXRxv86b0/s2JjNXMg08
+¢HW¿ã„½@Ÿ5hQuió6<Ü�§ŒÇv”VzéZiNJ‘÷eçˆ\g¦:¬Y›M¹ßN
\ No newline at end of file