diff --git a/configs/pepe/configuration.nix b/configs/pepe/configuration.nix
index 7eef4b5..e913461 100644
--- a/configs/pepe/configuration.nix
+++ b/configs/pepe/configuration.nix
@@ -10,7 +10,7 @@
     ./syncthing.nix
     ./tinc.nix
     ./wifi-access-point.nix
-    ./vsftpd.nix
+    ./dms.nix
 
   ];
 
diff --git a/configs/pepe/dms.nix b/configs/pepe/dms.nix
new file mode 100644
index 0000000..d226519
--- /dev/null
+++ b/configs/pepe/dms.nix
@@ -0,0 +1,88 @@
+{ lib, pkgs, config, ... }:
+
+# a very simple dms setup which.
+# I have a brother ADS-1600W scanner, which is configured to send all
+# PDFs to this machine in /home/ftp-upload/input
+# from there the dms.py scans them and makes them searchable.
+
+let
+  dms = pkgs.fetchgit {
+    url = "https://github.com/mrVanDalo/dms.git";
+    rev = "23308490c99eb2ca4a4936e6c4e87403137d9ac1";
+    sha256 = "1gzxlqni9ybmbj8ip2cbkbld3nid3x7552f8v8868nzw1crqky3b";
+  };
+in {
+
+  # setup ftp
+  services.vsftpd = {
+    enable = true;
+    userlist = [ "ftp-upload" ];
+    userlistEnable = true;
+    localUsers = true;
+    writeEnable = true;
+  };
+  networking.firewall.allowedTCPPortRanges = [
+    {
+      # ftp
+      from = 1024;
+      to = 65535;
+    }
+    {
+      # ftp
+      from = 20;
+      to = 21;
+    }
+  ];
+
+  # create user
+  users.users.ftp-upload = {
+    passwordFile = toString <secrets/ftp/password>;
+    isNormalUser = true;
+  };
+
+  # create dms service
+  systemd.services.dms = {
+    enable = true;
+    wantedBy = [ "multi-user.target" ];
+    path = [
+      (pkgs.python3.withPackages (ps: with ps; [ flask ]))
+      pkgs.imagemagick
+      pkgs.pdfsandwich
+      pkgs.poppler_utils
+      pkgs.which
+      pkgs.ghostscript
+      pkgs.netpbm
+    ];
+    serviceConfig = { User = "ftp-upload"; };
+    preStart = ''
+      if [[ ! -L /home/ftp-upload/db/SOURCE_DIR ]]
+      then
+      rm -rf /home/ftp-upload/db/SOURCE_DIR
+      mkdir -p /home/ftp-upload/db
+      mkdir -p /home/ftp-upload/input
+      ln -s /home/ftp-upload/input /home/ftp-upload/db/SOURCE_DIR
+      fi
+    '';
+    script = ''
+      DMSDATA=/home/ftp-upload/db \
+      FLASK_APP=${dms}/dms.py \
+      flask run --host 0.0.0.0 \
+      "$@"
+    '';
+  };
+
+  # host nginx setup
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "dms.pepe.private" = {
+        serverAliases = [ "pdf.pepe.private" "docs.pepe.private" ];
+        locations."/" = { proxyPass = "http://localhost:5000"; };
+      };
+    };
+  };
+
+  # add documents to backup
+  backup.all.restic.dirs = [ "/home/ftp-upload/db" ];
+
+}
diff --git a/configs/pepe/vsftpd.nix b/configs/pepe/vsftpd.nix
deleted file mode 100644
index 75bb474..0000000
--- a/configs/pepe/vsftpd.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ lib, pkgs, config, ... }: {
-
-  services.vsftpd = {
-    enable = true;
-    userlist = [ "ftp-upload" ];
-    userlistEnable = true;
-    localUsers = true;
-    writeEnable = true;
-  };
-
-  users.users.ftp-upload = {
-    passwordFile = toString <secrets/ftp/password>;
-    isNormalUser = true;
-  };
-
-  networking.firewall.allowedTCPPorts = [
-    20 # ftp
-    21 # ftp
-  ];
-
-  networking.firewall.allowedTCPPortRanges = [ {from = 1024 ; to = 65535; }];
-
-}