diff --git a/hosts/rahu/configuration.nix b/hosts/rahu/configuration.nix
index b229fe8..8340132 100644
--- a/hosts/rahu/configuration.nix
+++ b/hosts/rahu/configuration.nix
@@ -13,22 +13,12 @@
 
   sops.age.keyFile = "/home/user/.config/sops/age/keys.txt";
   sops.secrets.wireless_ap = { };
+  sops.secrets.photoprism = { };
   sops.secrets.transmission = {
     owner = "transmission";
     restartUnits = [ "transmission.service" ];
   };
 
-  services.immich.enable = true;
-  services.immich.port = 2283;
-  services.immich.openFirewall = true;
-  services.immich.host = "0.0.0.0";
-  services.immich.accelerationDevices = null;
-
-  users.users.immich.extraGroups = [
-    "video"
-    "render"
-  ];
-
   # Bootloader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.timeout = 1;
@@ -67,6 +57,18 @@
     "/media/ssd0/Stasis/Shows"
   ];
 
+  services.photoprism = {
+    enable = true;
+    port = 2342;
+    address = "0.0.0.0";
+    passwordFile = "/run/secrets/photoprism";
+    settings = {
+      PHOTOPRISM_ADMIN_USER = "admin";
+      PHOTOPRISM_DEFAULT_LOCALE = "en";
+      PHOTOPRISM_SITE_TITLE = "rahu";
+    };
+  };
+
   systemd.services.create_ap = {
     enable = true;
     description = "Create AP Service";
@@ -90,16 +92,6 @@
     };
   };
 
-  systemd.services.dufs = {
-    enable = true;
-    description = "Homeage homepage";
-    wantedBy = [ "multi-user.target" ];
-    after = [ "network.target" ];
-    serviceConfig = {
-      ExecStart = "${pkgs.dufs}/bin/dufs -c /home/user/local/dufs-config.yaml";
-    };
-  };
-
   programs.fish.enable = true;
 
   systemd.tmpfiles.rules = [
@@ -127,7 +119,6 @@
     ];
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/wbGoIUsbBHFbnXj2g+23C8sUgYkZTq0TrBm0MMWnx"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICy8DNUvVXhXhqNaEHfcUJdSY5ZS1cn9roLHQF/pQUO0"
     ];
     packages = with pkgs; [
       ripgrep
@@ -162,7 +153,6 @@
   };
   networking.firewall.allowedTCPPorts = [
     2342
-    5000
     80
   ];
   system.stateVersion = "23.11";
diff --git a/hosts/rahu/secrets/secrets.yaml b/hosts/rahu/secrets/secrets.yaml
index 83907b6..f00de94 100644
--- a/hosts/rahu/secrets/secrets.yaml
+++ b/hosts/rahu/secrets/secrets.yaml
@@ -1,5 +1,6 @@
 wireless_ap: ENC[AES256_GCM,data:VmNjXl+ZXfs2loICuEeVf++swRBfQCXdi7l+2ZGlt2tP33HS/+avGJ5a+XCJLUKSLetRJKir6bY0mKLwZWuITXjDq8nro0dYcuGBiugWfmkQn2Vkd7y5hdu+q3kmFaXr,iv:exKNo9aPRdJYIcIHyMpnIFc+AeWvjHvKCd2+C89+yNA=,tag:OfdCesl5/HwtSDfPVpOKxg==,type:str]
 transmission: ENC[AES256_GCM,data:OFQDZgak6GM6sz9MrMduGQgDSHw1UcEN/Uyi0j2w3OAFKkU9QEzAWB2OdwSaSK2al1W04vkch8OTRxVzgfD6czh3F2mz/GM=,iv:x1BH1bvtBw9wrLvBuZRLY8beB72HrjHxMh2zVwtY6pI=,tag:Ho+6sVs78jydBkNw/6q90A==,type:str]
+photoprism: ENC[AES256_GCM,data:dKvU/gp6E5VCtYKBwIcRSiY/HH8=,iv:ZpkHnINRe0RRTug7pmBANmX6opLK20OALZnzIQuBusE=,tag:dWWyXgR5Nme5zvTR+074tw==,type:str]
 sops:
     age:
         - recipient: age1mvqrpx830w7pk34wasvlc03n0qe85ux2zqx6y7zvu5mycm0tcawq4q6lke
@@ -11,7 +12,7 @@ sops:
             K1NuRWpyQlFKSXIrcWVwR1FFbkpDa0EKTmDcy1D/LbiJfYiQGWPoNEInICjj1Q0S
             jjj0dwQGA86L8GZgOavMBxz36Qyp71WPNr52nMCE2ny6VxflpVwAVA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-08-08T12:16:11Z"
-    mac: ENC[AES256_GCM,data:NK5WV4sBaxZHe9UlKngrC1ftnHmBRv7keLrNXXgq+0GDMX1iVRLoLBlPKXBpvLgjvqaNWCvocgrBg5Mij+zxvKtQvIU0WT1c9cmyY135Bro+QJn79cp0S+3KvcKzeGxGEh4cKyDQz72CTCaRcxpTW7/gk/sNCRd/HBHDgQ2yKI0=,iv:EDK3aDrr7MwpQv3ogu7yvpodY+vrQRrjVejnP7tiHNk=,tag:fN7yyRRII9CmRg76SU+wCw==,type:str]
+    lastmodified: "2025-09-14T02:42:54Z"
+    mac: ENC[AES256_GCM,data:XIQClaFexemjaG9V/ipUWt02KTglFcvsAGd5b/POOMPg1gl0aeS8+AqXR3h05Oaj+P6W4+m8+P5HGDicViOGw+UgqktXR2/uBpBgLZH1eoAUutGvgAMkqv344XOavt8zZG/NH8nO7dPDz0vGuL1XvVGoHSHUUJZzt6UkQ1SOakg=,iv:En61j8QH7BSkBdMdS99JYhRohkN4qw5GJgKlnPfbg8g=,tag:nc+jFx5qTv2WZMoqOmC2Cw==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2