diff --git a/secrets.nix b/secrets.nix
index ce66958..ffbb9ab 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -38,10 +38,6 @@ in {
 ++ [ mcentire-host ];
 "secrets/millironx-books-s3.age".publicKeys = system-administrators
 ++ [ mcentire-host ];
- "secrets/millironx-music-s3.age".publicKeys = system-administrators
- ++ [ mcentire-host ];
- "secrets/navidrome.toml.age".publicKeys = system-administrators
- ++ [ mcentire-host ];
 "secrets/network-information.age".publicKeys = system-administrators
 ++ [ bosephus-host ];
 }
diff --git a/secrets/millironx-music-s3.age b/secrets/millironx-music-s3.age
deleted file mode 100644
index 14e9b64..0000000
Binary files a/secrets/millironx-music-s3.age and /dev/null differ
diff --git a/secrets/navidrome.toml.age b/secrets/navidrome.toml.age
deleted file mode 100644
index 2331985..0000000
Binary files a/secrets/navidrome.toml.age and /dev/null differ
diff --git a/services/audiobookshelf.nix b/services/audiobookshelf.nix
index c81b0dd..c4f5070 100644
--- a/services/audiobookshelf.nix
+++ b/services/audiobookshelf.nix
@@ -21,9 +21,6 @@ in {
 "use_path_request_style"
 "url=https://us-east-1.linodeobjects.com/"
 "passwd_file=${config.age.secrets.millironx-books-s3-token.path}"
- "uid=${user}"
- "gid=${user}"
- "umask=0022"
 ];
 };
diff --git a/services/navidrome.nix b/services/navidrome.nix
deleted file mode 100644
index bd8bc94..0000000
--- a/services/navidrome.nix
+++ /dev/null
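Review bot: Dropping `"uid=${user}"`, `"gid=${user}"` and `"umask=0022"` from the s3fs options in services/audiobookshelf.nix leaves file ownership and permission bits on the mounted bucket to s3fs defaults and to whatever mode metadata the objects carry, and nothing in the hunk records why that is acceptable. The options list begins outside the hunk, so I cannot see whether `"allow_other"` is set here; the deleted navidrome mount used the same option set together with `"allow_other"`, and if this mount does too, other local accounts can reach the files with no mask applied (s3fs's default umask is, as far as I know, 0000). If the intent is only to stop forcing the owner, I would keep `"umask=0022"` in the list; otherwise add a comment next to `passwd_file=` such as `# uid/gid/umask intentionally unset: <reason>` so the permission model of the mount stays reviewable.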
@@ -1,104 +0,0 @@
-{ config, pkgs, home-manager-quadlet-nix, ... }:
-let
- user = "navidrome";
- port = "4533";
- authentikPort = "9000";
- stateDirectory = "/var/lib/${user}";
- s3BucketName = "millironx-music";
- s3MountDirectory = "/mount/s3/${s3BucketName}";
-in {
- age.secrets = {
- millironx-music-s3-token.file = ./../secrets/millironx-music-s3.age;
- "navidrome.toml" = {
- file = ./../secrets/navidrome.toml.age;
- owner = user;
- };
- };
-
- millironx.podman-secrets.navidrome = {
- inherit user;
- secrets-files = [ config.age.secrets."navidrome.toml".path ];
- };
-
- environment.systemPackages = [ pkgs.s3fs ];
-
- fileSystems."${s3BucketName}" = {
- device = s3BucketName;
- mountPoint = s3MountDirectory;
- fsType = "fuse./run/current-system/sw/bin/s3fs";
- noCheck = true;
- options = [
- "_netdev"
- "allow_other"
- "use_path_request_style"
- "url=https://us-east-1.linodeobjects.com/"
- "passwd_file=${config.age.secrets.millironx-music-s3-token.path}"
- "uid=${user}"
- "gid=${user}"
- "umask=0022"
- ];
- };
-
- systemd.tmpfiles.rules =
- map (d: "d ${stateDirectory}/${d} 1775 ${user} ${user} -") [ "" "data" ];
-
- services.borgmatic.configurations."${config.networking.hostName}" = {
- source_directories = map (d: "${stateDirectory}/${d}") [ "data" ];
- };
-
- services.caddy.virtualHosts."music.millironx.com".extraConfig = ''
- # Authentik output endpoint
- reverse_proxy /outpost.goauthentik.io/* http://127.0.0.1:${authentikPort}
-
- # Protect everything except share and subsonic endpoints
- @protected not path /share/* /rest/*
- forward_auth @protected http://127.0.0.1:${authentikPort} {
- uri /outpost.goauthentik.io/auth/caddy
- copy_headers X-Authentik-Username>Remote-User
- }
-
- # Forward everything to Navidrome
- reverse_proxy 127.0.0.1:${port}
- '';
-
- users.users."${user}" = {
- group = "${user}";
- isNormalUser = true;
- home = stateDirectory;
- createHome = true;
- linger = true;
- autoSubUidGidRange = true;
- };
- users.groups."${user}" = { };
-
home-manager.users."${user}" = { config, osConfig, ... }: {
- imports = [ home-manager-quadlet-nix ];
-
- home.stateVersion = "25.05";
-
- virtualisation.quadlet = {
- autoUpdate.enable = true;
- containers.navidrome = {
- autoStart = true;
- containerConfig = {
- image = "docker.io/deluan/navidrome:latest";
- environments = {
- ND_BASEURL = "https://music.millironx.com";
- ND_EXTAUTH_TRUSTEDSOURCES = "10.0.0.0/8";
- };
- secrets =
- map (s: "${s},type=env") [ "ND_LASTFM_APIKEY" "ND_LASTFM_SECRET" ];
- volumes = [
- "${s3MountDirectory}:/music:Uro"
- "${stateDirectory}/data:/data:U"
- ];
- publishPorts = [ "127.0.0.1:${port}:${port}" ];
- unitConfig.Requires =
- [ osConfig.millironx.podman-secrets.navidrome.ref ];
- unitConfig.After =
- [ osConfig.millironx.podman-secrets.navidrome.ref ];
- };
- };
- };
- };
-}