diff --git a/secrets/OVHCloud/default.yaml b/secrets/OVHCloud/default.yaml index c5fbf11..fe903d6 100644 --- a/secrets/OVHCloud/default.yaml +++ b/secrets/OVHCloud/default.yaml @@ -22,6 +22,11 @@ gitlab: OTP_KEY: ENC[AES256_GCM,data:BphY+ZO26N82iN1782ephpyqYwTt3UmCawX9/1kwvWEo5OebpUOOOQnR03I=,iv:EaHAW/sb1MGfN9ZFeB8t4xxVUtxb5jM7uL06/eGPxck=,tag:Qg+0oBsc0oB1T8NO2Znw5g==,type:str] DB_KEY: ENC[AES256_GCM,data:9Yso0CEnpAU/sX2NW8roSz+w/lhfK220f35U8Z3t+GNOi+Zd7Ybb/7kill4=,iv:fsQ86NRJbLYfjFZ/ka6po1o35dagqmiqhfQmUQNzlPg=,tag:LV9Sh+TlYv+kRW0bLWajnw==,type:str] JWS_KEY: ENC[AES256_GCM,data:7QGTClTixUmLFuPwkdvaVbPfZhVFpjtnW4/T6W0Lpu2j5Xt1jxijgRSHYRo=,iv:9v5TGU8+SlKzAQtfF/3VBQ4D9asyNcOOa4ElEG7OQdE=,tag:MPWKPJtFfIeo38uCVG1H7w==,type:str] +musare: + MONGO_USER_USERNAME: ENC[AES256_GCM,data:XKk3rmNJ,iv:x853fsUKFZ5xEKTTFd+r8MQ4yZK1q0x9ocjmngBJ4Wo=,tag:v9xsFbImlrNQb/yAlIWM/w==,type:str] + MONGO_USER_PASSWORD: ENC[AES256_GCM,data:QMocFYM0okz4/g0iPm3QoPGtxRc67A==,iv:xZJL5KVJAL0Gv9wkbyStrcJig1gKkHlQnJ8SIKVLeLs=,tag:HdXDA6z8YJzwEQPBt/0rCQ==,type:str] + MONGO_ROOT_PASSWORD: ENC[AES256_GCM,data:KrrEa7NVF1J+znK+8aychgmBGgtLHw==,iv:BGsnTPXmQ3moqFRVATRbVDBLl/EFG5DqSwii/9eKdLg=,tag:0hR91iEZcox/xe7M4SmCBg==,type:str] + REDIS_PASSWORD: ENC[AES256_GCM,data:8+iq5EiFJWyhvE/AV/qjb/61AHvFdQ==,iv:jv/XVunNDXRB5CjQVxtt+uL5V14p7ol7UuhJOSWcjEs=,tag:Ft/mWv2zmXjSToPogisqtw==,type:str] notesnook: API_SECRET: ENC[AES256_GCM,data:E2wikU7aAXzuZ1m1javW7SbkCxVSii1zLF2AjFCWbVpyRvVN9le764fU29A=,iv:9R/Hzwdr9shQNYxtSJB18CUiaGq/XfMY2mTlTL5aLHs=,tag:ediIkiZRNOK61xGUO8vKwA==,type:str] S3_ACCESS_KEY_ID: ENC[AES256_GCM,data:Pmzvjon0RH2d78hiO0JEa8Lbad2a+mzX+zs=,iv:IyKuX3lWVqJuovkVNi/5eEZbRSL+jsOG5Kd09mEwr6w=,tag:Z2SfFsLpaPMDphhBp/1b0Q==,type:str] 
@@ -82,8 +87,8 @@ sops: MFpMemF4MGg1bmVUeWV5N25LTUtyczQKss0x4zT1kyeRu+qenhrdbcPlU/p+yjVN y3j4eGpnwgc2rxSL9vkrrkzx/atUqUkgGU/YstszUrP6XKbJ+9ydpQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-06T07:57:13Z" - mac: ENC[AES256_GCM,data:5IkklIfJTvQwkSDasZwzEAiXEcRwGS5v6C/Bqp/MitVSYwky/kvSVlTWavQpOV1UHv5eraL45+QMkz1lMUF6C6X7en96KdZQV15omIvhxBdIKwvnZmmc83vGh75WJJ9688z1Pj/djUhH3qR1Pzj2v0tlkJCSIZK0oR4Eaj8400k=,iv:4pAhCYEONQ8KvTwBUuBneJS/zd+Ef9yVgVb5IO47PBo=,tag:au9L0qOQahndmn8/WSLdLg==,type:str] + lastmodified: "2024-11-07T21:03:51Z" + mac: ENC[AES256_GCM,data:iRlsQiOia0lmCAHYCkEvK2FKY2rWxWwr3nI3i6dHwNPfUQGJuNbhIWWTzI/t60N6/lY4UmYQI8jcwUxKM1xvv6p/XNarpRfXdskm5ocAtg8AyXBtXx1kgsvPmzMzFE3QQ0s1XbEoGHQKTT4yE9rTQlX9Gnd1zzbYBgcgLZ+STus=,iv:t3lbU/dbdZjHsW58yZEiAHvUePwdc5JMFCtv28uqgXo=,tag:ghGULzQinWDlDFAX6hFUlg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1 diff --git a/services/default.nix b/services/default.nix index 8e94aa3..c87ac74 100644 --- a/services/default.nix +++ b/services/default.nix @@ -2,6 +2,7 @@ imports = [ ./authelia ./garage + ./musare ./outline ./shadowsocks ./stalwart-mail diff --git a/services/musare/config.json b/services/musare/config.json new file mode 100644 index 0000000..0aa6108 --- /dev/null +++ b/services/musare/config.json @@ -0,0 +1,32 @@ +{ + "configVersion": 12, + "migration": false, + "secret": "CHANGE_ME", + "port": 8080, + "url": { + "host": "music.gasdev.fr", + "secure": true + }, + "apis": { + "youtube": { + "key": "CHANGE_ME" + }, + "discogs": { + "enabled": false, + "client": "CHANGE_ME", + "secret": "CHANGE_ME" + } + }, + "mail": { + "enabled": false, + "smtp": { + "host": "smtp.my.domain", + "port": 587, + "auth": { + "user": "CHANGE_ME", + "pass": "CHANGE_ME" + }, + "secure": true + } + } +} diff --git a/services/musare/default.nix b/services/musare/default.nix new file mode 100644 index 0000000..a86dd0a --- /dev/null +++ b/services/musare/default.nix 
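Review bot: `"secret": "CHANGE_ME"` in services/musare/config.json is committed as a placeholder, and the file is mounted unchanged into the backend container (`"${./config.json}:/opt/app/config.json"` in services/musare/default.nix), so the instance behind `music.gasdev.fr` would start with a publicly known application secret. Writing the real value into this file is not a fix either, because `${./config.json}` copies it into the world-readable Nix store. Render the file through `sops.templates` with a `config.sops.placeholder` entry for `secret` (and for the YouTube key if it is set), then mount the rendered path. The diff does not show what Musare derives from `secret`, so the exact impact is unconfirmed, but a default value should not reach a deployed service.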
@@ -0,0 +1,123 @@ +{ + pkgs, + config, + ... +}: let + musare = pkgs.fetchFromGitHub { + owner = "Musare"; + repo = "Musare"; + rev = "v3.11.0"; + hash = "sha256-RN9H7atiNOr4wqgzfwE/8hUMJ4zpgMBu3dXA37c/lH0="; + }; + musare-backend = + pkgs.buildNpmPackage { + pname = "musare-backend"; + version = "4.7.0"; + nodejs = pkgs.nodejs_18; + + src = + musare + + "/backend"; + + npmDepsHash = "sha256-cxvK2Zp0iOA9qPg8NaCEcOsxmaU1/l/dvnfwUEq2BuE="; + dontNpmBuild = true; + } + + "/lib/node_modules/musare-backend"; + musare-frontend = + pkgs.buildNpmPackage { + pname = "musare-frontend"; + version = "4.7.0"; + + src = + musare + + "/frontend"; + + npmDepsHash = "sha256-R1vxio66W/8WN6pFRbwuOv0Z4/V4cnwBqhXlRygj7Js="; + npmBuildScript = "prod"; + } + + "/lib/node_modules/musare-frontend/build"; +in { + services.caddy.virtualHosts."music.gasdev.fr".extraConfig = '' + root * ${musare-frontend} + file_server + + @websockets { + path /backend/* + header Connection upgrade + header Upgrade websocket + } + + reverse_proxy @websockets localhost:32483 + + handle_path /backend/* { + reverse_proxy localhost:32483 + } + ''; + + sops.secrets."musare/MONGO_USER_USERNAME".owner = "root"; + sops.secrets."musare/MONGO_USER_PASSWORD".owner = "root"; + sops.secrets."musare/MONGO_ROOT_PASSWORD".owner = "root"; + sops.secrets."musare/REDIS_PASSWORD".owner = "root"; + + sops.templates."musare.env" = { + content = '' + MONGO_USER_USERNAME=${config.sops.placeholder."musare/MONGO_USER_USERNAME"} + MONGO_USER_PASSWORD=${config.sops.placeholder."musare/MONGO_USER_PASSWORD"} + MONGO_ROOT_PASSWORD=${config.sops.placeholder."musare/MONGO_ROOT_PASSWORD"} + MONGO_INITDB_ROOT_PASSWORD=${config.sops.placeholder."musare/MONGO_ROOT_PASSWORD"} + MONGO_INITDB_ROOT_USERNAME=admin + MONGO_INITDB_DATABASE=musare + REDIS_PASSWORD=meh_not_important + ''; + owner = "root"; + }; + + virtualisation.oci-containers.containers = { + musare-backend = { + image = "localhost/musare:backend"; + imageFile = 
pkgs.dockerTools.buildImage { + name = "musare"; + tag = "backend"; + contents = [pkgs.nodejs_18 pkgs.bash]; + config = { + Cmd = ["node" "--es-module-specifier-resolution=node" "/opt/app/index.js"]; + }; + }; + autoStart = true; + volumes = [ + "${musare-backend}:/opt/app/" + "${./config.json}:/opt/app/config.json" + ]; + ports = [ + "32483:8080" + ]; + workdir = "/opt/app"; + environmentFiles = [ + config.sops.templates."musare.env".path + ]; + dependsOn = ["mongo" "redis"]; + }; + mongo = { + image = "docker.io/mongo:latest"; + autoStart = true; + volumes = [ + "${musare}/tools/docker/setup-mongo.sh:/docker-entrypoint-initdb.d/setup-mongo.sh" + "musare-mongodb:/data/db" + ]; + environmentFiles = [ + config.sops.templates."musare.env".path + ]; + }; + redis = { + image = "docker.io/redis:7"; + autoStart = true; + cmd = ["--notify-keyspace-events" "Ex" "--requirepass" "meh_not_important" "--appendonly" "yes"]; + volumes = [ + "musare-redis:/data" + ]; + environmentFiles = [ + config.sops.templates."musare.env".path + ]; + }; + }; +}
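Review bot: The Redis password is the literal `meh_not_important`, both in the `musare.env` template and in the `redis` container's `"--requirepass" "meh_not_important"` argument, so it lands in the world-readable Nix store and on the process command line. The `musare/REDIS_PASSWORD` sops secret declared just above is never referenced. Use `REDIS_PASSWORD=${config.sops.placeholder."musare/REDIS_PASSWORD"}` in the template, and have Redis read the value at start-up, for example from a sops-rendered config file mounted into the container, instead of from `cmd`. The same `musare.env` is also passed to all three containers, which hands the Mongo root password to Redis and apparently to the backend too; one template per container would keep each secret where it is needed. Separately, `"32483:8080"` publishes the backend on every interface, whereas `"127.0.0.1:32483:8080"` would keep it reachable only through the Caddy virtual host.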