diff --git a/nixos/components/network/syncthing.nix b/nixos/components/network/syncthing.nix
index 2ff2fcc..1a7b0c6 100644
--- a/nixos/components/network/syncthing.nix
+++ b/nixos/components/network/syncthing.nix
@@ -20,10 +20,12 @@ with lib; {
           id = "B6P22RF-5BC2LTZ-6GHVWRZ-5D3OLXC-D66E45Y-JEB3WYT-ZQ442WZ-5FFAMQ7";
           addresses = [ "tcp://144.76.13.147:22000" ];
         };
+        "orbi" = {
+          name = "orbi";
+          id = "5U5ZP6R-SUQO5SY-WICWWLZ-HPHQBM5-P27YSU6-66TWIBK-XLX4X5N-4O6TVAC";
+          addresses = [ "tcp://95.216.66.212:22000" ];
+        };
       }
-      // (device "workhorse" "AFSAKB6-JLH4QAS-DSRMPI3-6PVCIHF-IIAVLPC-STPNO3Y-YRDU5NW-QD445QI")
-      // (device "pepe" "SZLXFW3-VTAC7UB-V2Z7CHE-3VZAYPL-6D72AK6-OCDMPZP-G4FPY5P-FL6ZVAG")
-      // (device "sterni" "ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD")
       // (device "mobi" "NGI7UN6-MR2YPYI-L7DGN3I-JFZU2N3-RJBJV6K-2VZVQSJ-PWLZYOK-PXZYRAF")
       // (device "bobi" "FOJ3D27-W5OJMQR-7S77A3V-AS5BCG2-CIGWVMP-UBSVQNN-QZLHAIZ-IO7GKAE")
       // (device "cream" "MQVKATH-THTPET5-KYAT7XX-BOIIIBA-P7OOF7Y-IWAUN53-S2VNVOY-BZWTGQK")
@@ -47,6 +49,16 @@ with lib; {
 
       # needs to be on encrypted drives
       # -------------------------------
+      audiobooks = {
+        enable = lib.mkDefault false;
+        path = lib.mkDefault "/tmp/audiobooks";
+        devices = [ "chungus" "orbi" ];
+      };
+      lectures = {
+        enable = lib.mkDefault false;
+        path = lib.mkDefault "/tmp/lectures";
+        devices = [ "chungus" "orbi" ];
+      };
       books = {
         enable = lib.mkDefault false;
         path = lib.mkDefault "/tmp/books";
@@ -59,7 +71,7 @@ with lib; {
       password-store = {
         enable = lib.mkDefault false;
         path = lib.mkDefault "/tmp/password-store";
-        devices = [ "chungus" "cream" "sterni" "mobi" "bobi" "cherry" ];
+        devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ];
         versioning = {
           type = "simple";
           params.keep = "10";
@@ -68,12 +80,12 @@ with lib; {
       desktop = {
         enable = lib.mkDefault false;
         path = lib.mkDefault "/tmp/desktop";
-        devices = [ "chungus" "cream" "sterni" "mobi" "bobi" "cherry" ];
+        devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ];
       };
       finance = {
         enable = lib.mkDefault false;
         path = lib.mkDefault "/tmp/finance";
-        devices = [ "chungus" "cream" "sterni" "mobi" "bobi" ];
+        devices = [ "chungus" "cream" "mobi" "bobi" ];
         versioning = {
           type = "simple";
           params.keep = "10";
diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix
index 0a7ceac..00de126 100644
--- a/nixos/machines/chungus/configuration.nix
+++ b/nixos/machines/chungus/configuration.nix
@@ -33,6 +33,7 @@
     ./media-youtube.nix
     ./media-castget.nix
     ./media-curl.nix
+    ./media-syncthing.nix
 
     # logging
     ./loki.nix
@@ -47,7 +48,6 @@
     ./rbackup.nix
     ./sync-torrent.nix
     ./sync-script.nix
-    ./syncthing.nix
 
     ./services-s3.nix
 
diff --git a/nixos/machines/chungus/syncthing.nix b/nixos/machines/chungus/media-syncthing.nix
similarity index 71%
rename from nixos/machines/chungus/syncthing.nix
rename to nixos/machines/chungus/media-syncthing.nix
index 8b4876c..5742d13 100644
--- a/nixos/machines/chungus/syncthing.nix
+++ b/nixos/machines/chungus/media-syncthing.nix
@@ -3,6 +3,14 @@
   services.syncthing = {
     enable = true;
     overrideFolders = true;
+    user = "media";
+    group = "media";
+    # make some folders send only
+    settings.folders = {
+      audiobooks.type = "sendonly";
+      lost-fotos.type = "sendonly";
+      lectures.type = "sendonly";
+    };
     folders = {
       # on encrypted drive
       # ------------------
@@ -42,12 +50,20 @@
         enable = true;
         path = "/syncthing/music-projects";
       };
+      audiobooks = {
+        enable = true;
+        path = "/media/audio-books";
+      };
+      lectures = {
+        enable = true;
+        path = "/media/lectures";
+      };
     };
   };
 
   services.permown."/syncthing" = {
-    owner = "syncthing";
-    group = "syncthing";
+    owner = "media";
+    group = "media";
     directory-mode = "755";
     file-mode = "755";
   };
diff --git a/nixos/machines/orbi/configuration.nix b/nixos/machines/orbi/configuration.nix
index 165f7fb..bee4277 100644
--- a/nixos/machines/orbi/configuration.nix
+++ b/nixos/machines/orbi/configuration.nix
@@ -22,7 +22,7 @@
 
     ./media-share.nix
 
-    #./media-syncthing.nix
+    ./media-syncthing.nix
     #./media-transmission.nix
     ./media-transmission2.nix
     ./media-jellyfin.nix
diff --git a/nixos/machines/orbi/media-share.nix b/nixos/machines/orbi/media-share.nix
index 86a1080..cc3a0fb 100644
--- a/nixos/machines/orbi/media-share.nix
+++ b/nixos/machines/orbi/media-share.nix
@@ -10,7 +10,7 @@
     group = "media";
   };
 
-  services.permown."/media/media" = {
+  services.permown."/media" = {
     owner = "media";
     group = "media";
     directory-mode = "770";
diff --git a/nixos/machines/orbi/media-syncthing.nix b/nixos/machines/orbi/media-syncthing.nix
index cd55902..57a30a5 100644
--- a/nixos/machines/orbi/media-syncthing.nix
+++ b/nixos/machines/orbi/media-syncthing.nix
@@ -1,77 +1,27 @@
 { config, pkgs, lib, ... }: {
 
-  sops.secrets.syncthing_cert = { };
-  sops.secrets.syncthing_key = { };
-
   networking.firewall.allowedTCPPorts = [ 22000 ];
   networking.firewall.allowedUDPPorts = [ 22000 ];
 
   services.syncthing = {
     enable = true;
     openDefaultPorts = false;
+    user = "media";
+    group = "media";
     dataDir = "/media/syncthing/config";
     configDir = "/media/syncthing/config";
     overrideDevices = true;
     overrideFolders = true;
-    cert = toString config.sops.secrets.syncthing_cert.path;
-    key = toString config.sops.secrets.syncthing_key.path;
-
     settings.folders = {
-      # on media hard drive (not encrypted)
-      # -----------------------------------
-      #borg-mirror = {
-      #  enable = true;
-      #  path = "/media/syncthing/borg";
-      #  rescanInterval = 36 * 3600;
-      #  type = "sendonly";
-      #};
-      #video-material = {
-      #  enable = true;
-      #  path = "/home/syncthing/video-material";
-      #};
-      books = {
+      audiobooks = {
         enable = true;
-        path = "/media/syncthing/books";
+        path = "/media/synchthing/audiobooks";
       };
-      lost-fotos = {
+      lectures = {
         enable = true;
-        path = "/media/syncthing/lost-fotos.ct";
-        rescanIntervalS = 40 * 24 * 3600;
-      };
-      #media = {
-      #  enable = true;
-      #  watch = false;
-      #  type = "sendonly";
-      #  path = "/media/syncthing/media";
-      #  rescanInterval = 27 * 24 * 3600;
-      #};
-      music-projects = {
-        enable = true;
-        #watch = true;
-        path = "/media/syncthing/music-projects";
-      };
-      nextcloud_backup = {
-        enable = true;
-        #watch = true;
-        path = "/media/syncthing/nextcloud_backup";
-        rescanIntervalS = 23 * 3600;
+        path = "/media/synchthing/lectures";
       };
     };
   };
 
-  services.permown."/media/syncthing" = {
-    # not managed by syncthing anymore
-    owner = "syncthing";
-    group = "syncthing";
-    umask = "0002";
-  };
-  systemd.services."permown._media_syncthing" = {
-    bindsTo = [ "media.mount" ];
-    after = [ "media.mount" ];
-  };
-  systemd.services."syncthing" = {
-    bindsTo = [ "media.mount" ];
-    after = [ "media.mount" ];
-  };
-
 }