diff --git a/fili/services/media/autobrr.nix b/fili/services/media/autobrr.nix
deleted file mode 100644
index 16379d8..0000000
--- a/fili/services/media/autobrr.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{ config, secrets, ... }:
-{
-  sops.secrets.autobrr = {
-    sopsFile = "${secrets}/autobrr.yaml";
-    key = "key";
-    format = "yaml";
-  };
-
-  services.nginx = {
-    virtualHosts."autobrr.donsz.nl" = {
-      forceSSL = true;
-      http2 = true;
-      enableACME = true;
-
-      locations."/" = {
-        proxyPass = "http://${config.services.autobrr.settings.host}:${toString config.services.autobrr.settings.port}";
-      };
-    };
-  };
-
-  # oauth access to the service
-  services.oauth2-proxy.nginx.virtualHosts."autobrr.donsz.nl" = {
-    allowed_groups = [ "torrent" ];
-  };
-
-  # vpnNamespaces.mullvad.portMappings = [
-  #   {
-  #     from = config.services.autobrr.settings.port;
-  #     to = config.services.autobrr.settings.port;
-  #   }
-  # ];
-  # vpnNamespaces.mullvad.openVPNPorts = [
-  #   {
-  #     # irc port
-  #     port = 7021;
-  #     protocol = "both";
-  #   }
-  # ];
-  # systemd.services.autobrr.vpnConfinement = {
-  #   enable = true;
-  #   vpnNamespace = "mullvad";
-  # };
-
-  services.autobrr = {
-    enable = true;
-    settings = {
-      logLevel = "DEBUG";
-      checkForUpdates = false;
-      host = "localhost";
-      port = 11012;
-    };
-    secretFile = config.sops.secrets.autobrr.path;
-  };
-}
diff --git a/fili/services/media/default.nix b/fili/services/media/default.nix
index 3ad1eb9..35620cb 100644
--- a/fili/services/media/default.nix
+++ b/fili/services/media/default.nix
@@ -6,7 +6,5 @@ _: {
     ./torrent.nix
     ./jackett.nix
     ./jellyfin.nix
-    ./autobrr.nix
-    ./vpn.nix
   ];
 }
diff --git a/fili/services/media/jackett.nix b/fili/services/media/jackett.nix
index cec59f3..49103c8 100644
--- a/fili/services/media/jackett.nix
+++ b/fili/services/media/jackett.nix
@@ -1,5 +1,4 @@
-{ config, ... }:
-{
+_: {
   services.nginx = {
     virtualHosts."jackett.donsz.nl" = {
       forceSSL = true;
@@ -7,22 +6,11 @@
       enableACME = true;
 
       locations."/" = {
-        proxyPass = "http://localhost:${toString config.services.jackett.port}";
+        proxyPass = "http://[::1]:9117";
       };
     };
   };
 
-  # vpnNamespaces.mullvad.portMappings = [
-  #   {
-  #     from = config.services.jackett.port;
-  #     to = config.services.jackett.port;
-  #   }
-  # ];
-  # systemd.services.autobrr.vpnConfinement = {
-  #   enable = true;
-  #   vpnNamespace = "mullvad";
-  # };
-
   services.oauth2-proxy.nginx.virtualHosts."jackett.donsz.nl" = {
     allowed_groups = [ "torrent" ];
   };
@@ -31,6 +19,5 @@
     enable = true;
     group = "jellyfin";
     user = "jellyfin";
-    port = 11013;
   };
 }
diff --git a/fili/services/media/torrent.nix b/fili/services/media/torrent.nix
index c615145..8286aae 100644
--- a/fili/services/media/torrent.nix
+++ b/fili/services/media/torrent.nix
@@ -1,21 +1,71 @@
-{ pkgs, ... }:
 {
-  vpnNamespaces.mullvad.portMappings = [
-    {
-      from = 9091;
-      to = 9091;
-    } # UI Port.
-    {
-      from = 5432;
-      to = 5432;
-    } # DB Port.
-  ];
-  vpnNamespaces.mullvad.openVPNPorts = [
-    {
-      port = 50909;
-      protocol = "both";
-    }
-  ];
+  config,
+  pkgs,
+  secrets,
+  ...
+}:
+{
+  sops.secrets.mullvad = {
+    sopsFile = "${secrets}/mullvad.yaml";
+    owner = "root";
+    format = "yaml";
+  };
+
+  vpnNamespaces.mullvad = {
+    enable = true;
+    wireguardConfigFile = config.sops.secrets.mullvad.path;
+    accessibleFrom = [
+      "192.168.0.0/16"
+    ];
+    portMappings = [
+      {
+        from = 9091;
+        to = 9091;
+      } # UI Port.
+      {
+        from = 5432;
+        to = 5432;
+      } # DB Port.
+    ];
+    openVPNPorts = [
+      {
+        port = 50901;
+        protocol = "both";
+      }
+      {
+        port = 50902;
+        protocol = "both";
+      }
+      {
+        port = 50903;
+        protocol = "both";
+      }
+      {
+        port = 50904;
+        protocol = "both";
+      }
+      {
+        port = 50905;
+        protocol = "both";
+      }
+      {
+        port = 50906;
+        protocol = "both";
+      }
+      {
+        port = 50907;
+        protocol = "both";
+      }
+      {
+        port = 50908;
+        protocol = "both";
+      }
+      {
+        port = 50909;
+        protocol = "both";
+      }
+    ];
+  };
 
   services.nginx = {
     virtualHosts."dl.donsz.nl" = {
@@ -57,7 +107,7 @@
     settings = {
       download-dir = "/storage/storage/torrents";
       incomplete-dir-enabled = false;
-      incomplete-dir = "/storage/storage/torrents";
+      # incomplete-dir = "/storage/storage/torrents";
 
       rpc-bind-address = "192.168.15.1";
       rpc-host-whitelist-enabled = false;
diff --git a/fili/services/media/vpn.nix b/fili/services/media/vpn.nix
deleted file mode 100644
index a958334..0000000
--- a/fili/services/media/vpn.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ config, secrets, ... }:
-{
-  sops.secrets.mullvad = {
-    sopsFile = "${secrets}/mullvad.yaml";
-    owner = "root";
-    format = "yaml";
-  };
-
-  vpnNamespaces.mullvad = {
-    enable = true;
-    wireguardConfigFile = config.sops.secrets.mullvad.path;
-    accessibleFrom = [
-      "192.168.0.0/16"
-    ];
-  };
-}
diff --git a/flake.lock b/flake.lock
index 117ac98..287c14b 100644
--- a/flake.lock
+++ b/flake.lock
@@ -268,11 +268,11 @@
         "nixpkgs": "nixpkgs_4"
       },
       "locked": {
-        "lastModified": 1767710337,
-        "narHash": "sha256-IjtTEr5ZTIvlE/ceC68144dxe38cv7RM0bhIUKeehT0=",
+        "lastModified": 1767006760,
+        "narHash": "sha256-OeaRlOEEWWGhoXyQlPFgdGsIIRazVi8/Y1B/vB45Xcs=",
         "owner": "jdonszelmann",
         "repo": "homepage",
-        "rev": "479a5d6f064ea52d942bc85e2b3f19e4c79d2805",
+        "rev": "f0af54274128437879400d4e353bb09c14d64921",
         "type": "github"
       },
       "original": {
@@ -308,11 +308,11 @@
         "nixpkgs-mozilla": "nixpkgs-mozilla"
       },
       "locked": {
-        "lastModified": 1767464600,
-        "narHash": "sha256-Bk4ZNrh3EYTTxioO3MhR6k8g7yBvnGX7/VZKndB6Wz4=",
+        "lastModified": 1767285863,
+        "narHash": "sha256-IZcAGuoAVgbke0Xtc6yQE+AItfFhyxjONlE9H0brHaE=",
         "ref": "refs/heads/main",
-        "rev": "05c3d7e4564696dd7d6ea5d9e4737872190d9268",
-        "revCount": 67,
+        "rev": "179aca580debf2434028172c9f939884d82a2b4d",
+        "revCount": 55,
         "type": "git",
         "url": "ssh://forgejo@git.donsz.nl/jana/money.is.fckn.gay.git"
       },
@@ -444,11 +444,11 @@
     },
     "nixpkgs_11": {
       "locked": {
-        "lastModified": 1767653099,
-        "narHash": "sha256-1lZvN3Lg7NjuXVHXdKgKSnVPnOH6KugGFTTGKLKLu/4=",
+        "lastModified": 1767439050,
+        "narHash": "sha256-UHXvixX4PjyzuTtyEU0GAe4W7sIVFBBntCNPHkZTRrA=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "6f34e6c7a48c7aac4a26a388430f8a9f480a6d0e",
+        "rev": "7fe910442588191a2a22848196daebc9f7cc48b7",
         "type": "github"
       },
       "original": {
@@ -696,11 +696,11 @@
         "nixpkgs": "nixpkgs_11"
       },
       "locked": {
-        "lastModified": 1767655057,
-        "narHash": "sha256-gvDWxuDucrGsBxDF0iZeFcTqVbADMcWwK2nne6LKlLs=",
+        "lastModified": 1767440370,
+        "narHash": "sha256-3jSo/IeyV2/ZsSx2+w/VAFVbIaNudXTALTUR2z6rbwo=",
         "ref": "refs/heads/main",
-        "rev": "ea9c28258665f76042781a2b7b84ddf6d99a6e62",
-        "revCount": 6,
+        "rev": "0484a0ef06c4be3c647efc3ee0071349494bec49",
+        "revCount": 5,
         "type": "git",
         "url": "ssh://forgejo@git.donsz.nl/jana/server-secrets.git"
       },