diff --git a/hosts/voyager/services/jellyfin.nix b/hosts/voyager/services/jellyfin.nix
index 9e8bf40..25a0017 100644
--- a/hosts/voyager/services/jellyfin.nix
+++ b/hosts/voyager/services/jellyfin.nix
@@ -1,61 +1,49 @@
 { config, pkgs, lib, ... }:
-let
-  domainName = "jellyfin.home.feal.no";
-in {
+
+{
   # Jellyfin - Media Streaming platform
   services.jellyfin.enable = true;
+
   users.users.${config.services.jellyfin.user}.extraGroups = [ "video" "render" ];
+
   systemd.services.jellyfin.serviceConfig = {
     DeviceAllow = lib.mkForce [ "/dev/dri/card0" ];
   };
 
-  services.nginx.virtualHosts."${domainName}" = {
+  services.nginx.virtualHosts."jellyfin.home.feal.no" = {
     serverAliases = [ "jf.feal.no" ];
-    extraConfig = ''
-    add_header X-XSS-Protection "1; mode=block";
-    add_header X-Content-Type-Options "nosniff";
-    location = / {
-        return 302 http://$host/web/;
-        #return 302 https://$host/web/;
-    }
-    location / {
-        # Proxy main Jellyfin traffic
-        proxy_pass http://127.0.0.1:8096;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Protocol $scheme;
-        proxy_set_header X-Forwarded-Host $http_host;
-        # Disable buffering when the nginx proxy gets very resource heavy upon streaming
-        proxy_buffering off;
-    }
-    # location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
-    location = /web/ {
-        # Proxy main Jellyfin traffic
-        proxy_pass http://127.0.0.1:8096/web/index.html;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Protocol $scheme;
-        proxy_set_header X-Forwarded-Host $http_host;
-    }
-    location /socket {
-        # Proxy Jellyfin Websockets traffic
-        proxy_pass http://127.0.0.1:8096;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Protocol $scheme;
-        proxy_set_header X-Forwarded-Host $http_host;
-    }
-        '';
+    locations = {
+      "= /" = {
+        return = "302 http://$host/web/";
+      };
 
+      "/" = {
+        proxyPass = "http://127.0.0.1:8096";
+        extraConfig = ''
+          proxy_buffering off;
+        '';
+      };
+
+      "/socket" = {
+        proxyPass = "http://127.0.0.1:8096";
+        proxyWebsockets = true;
+      };
+    };
+
+    extraConfig = ''
+      add_header X-XSS-Protection "1; mode=block";
+      add_header X-Content-Type-Options "nosniff";
+      add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
+    '';
+  };
+
+  fileSystems."/tank/media/jellyfin/Music" = {
+    depends = [
+      "/tank/media/music"
+      "/tank/media/jellyfin"
+    ];
+    options = [ "bind" ];
+    device = "/tank/media/music";
   };
 }