diff --git a/flake.lock b/flake.lock
index 45532cb..6765d2f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -167,11 +167,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1725716377,
-        "narHash": "sha256-7NzW9O/cAw7iWzRfh7Oo/SuSudL4a1YTKS6yoh3tMck=",
+        "lastModified": 1725885300,
+        "narHash": "sha256-5RLEnou1/GJQl+Wd+Bxaj7QY7FFQ9wjnFq1VNEaxTmc=",
         "owner": "nixos",
         "repo": "nixos-hardware",
-        "rev": "04a1cda0c1725094a4db703cccbb956b7558f5a6",
+        "rev": "166dee4f88a7e3ba1b7a243edb1aca822f00680e",
         "type": "github"
       },
       "original": {
@@ -298,11 +298,11 @@
     },
     "nixpkgs_5": {
       "locked": {
-        "lastModified": 1725693463,
-        "narHash": "sha256-ZPzhebbWBOr0zRWW10FfqfbJlan3G96/h3uqhiFqmwg=",
+        "lastModified": 1725826545,
+        "narHash": "sha256-L64N1rpLlXdc94H+F6scnrbuEu+utC03cDDVvvJGOME=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "68e7dce0a6532e876980764167ad158174402c6f",
+        "rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9",
         "type": "github"
       },
       "original": {
@@ -314,11 +314,11 @@
     },
     "nur": {
       "locked": {
-        "lastModified": 1725854666,
-        "narHash": "sha256-Peccz5solKBUlGtN5vfWHxbd0Mxks+feh1TU/A7hZTg=",
+        "lastModified": 1725914786,
+        "narHash": "sha256-IUEPseZohbNJi9eFFWUhTnkpceZLMj0B62TtCkLo2ZY=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "4448858f13f127db4c8055e2bf6fe6e1257ba8ea",
+        "rev": "b121603cbc4551eda8c055bae01d08e9ecedb529",
         "type": "github"
       },
       "original": {
diff --git a/nixos/hardware/machines/server.nix b/nixos/hardware/machines/server.nix
index b0c065d..cd9eb34 100644
--- a/nixos/hardware/machines/server.nix
+++ b/nixos/hardware/machines/server.nix
@@ -86,6 +86,11 @@
       fsType = "none";
       options = [ "bind" ];
     };
+    "/var/lib/private/photoprism/originals" = {
+      device = "/export/JimboNFS/Photos/Galleries";
+      fsType = "none";
+      options = [ "bind" ];
+    };
   };
   swapDevices = [
     { device = "/dev/disk/by-uuid/ec422cad-bf93-4b15-b989-2c807f1073a4"; }
diff --git a/nixos/server.nix b/nixos/server.nix
index 3cfb4c3..132a325 100644
--- a/nixos/server.nix
+++ b/nixos/server.nix
@@ -33,6 +33,7 @@
     ./server/nfs.nix
     ./server/nginx.nix
     ./server/owncast.nix
+    ./server/photoprism.nix
     #./server/pixelfed.nix
     ./server/minecraft
     ./server/vaultwarden.nix
diff --git a/nixos/server/mariadb.nix b/nixos/server/mariadb.nix
index fc4b8a1..8848e80 100644
--- a/nixos/server/mariadb.nix
+++ b/nixos/server/mariadb.nix
@@ -3,8 +3,9 @@
     enable = true;
     package = pkgs.mariadb;
     dataDir = "/var/lib/mysql";
-    initialDatabases = [
-      { name = "minecraft"; }
+    ensureDatabases = [
+      "minecraft"
+      "photoprism"
     ];
     ensureUsers = [
       {
@@ -13,6 +14,12 @@
           "minecraft.*" = "ALL PRIVILEGES";
         };
       }
+      {
+        name = "photoprism";
+        ensurePermissions = {
+          "photoprism.*" = "ALL PRIVILEGES";
+        };
+      }
     ];
   };
 }
diff --git a/nixos/server/photoprism.nix b/nixos/server/photoprism.nix
new file mode 100644
index 0000000..c66fc24
--- /dev/null
+++ b/nixos/server/photoprism.nix
@@ -0,0 +1,30 @@
+{outputs, ...}: {
+ # Photoprism
+  services = {
+    photoprism = {
+      enable = true;
+      port = 2342;
+      originalsPath = "/var/lib/private/photoprism/originals";
+      address = "0.0.0.0";
+      settings = {
+        PHOTOPRISM_ADMIN_USER = "jimbo";
+        PHOTOPRISM_ADMIN_PASSWORD = "${outputs.secrets.prismAdminPass}";
+        PHOTOPRISM_DEFAULT_LOCALE = "en";
+        PHOTOPRISM_DATABASE_DRIVER = "mysql";
+        PHOTOPRISM_DATABASE_NAME = "photoprism";
+        PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
+        PHOTOPRISM_DATABASE_USER = "photoprism";
+        PHOTOPRISM_SITE_URL = "https://gallery.${outputs.secrets.jimDomain}";
+        PHOTOPRISM_SITE_TITLE = "Jimbo's PhotoPrism";
+      };
+    };
+    nginx.virtualHosts."gallery.${outputs.secrets.jimDomain}" =  {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:2342";
+        proxyWebsockets = true;
+      };
+    };
+  };
+}
diff --git a/nixos/server/wireguard.nix b/nixos/server/wireguard.nix
index ef646a4..4bad3e2 100644
--- a/nixos/server/wireguard.nix
+++ b/nixos/server/wireguard.nix
@@ -25,10 +25,6 @@ in {
             publicKey = outputs.secrets.wirePixel9Pub;
             allowedIPs = [ "10.100.0.2/32" ];
           }
-          { # Jimbo Pixel 4
-            publicKey = outputs.secrets.wirePixel4Pub;
-            allowedIPs = [ "10.100.0.3/32" ];
-          }
         ];
       };
     };
diff --git a/secrets.nix b/secrets.nix
index 7918850..b2f7f35 100644
Binary files a/secrets.nix and b/secrets.nix differ