diff --git a/nixos/mirai/services/default.nix b/nixos/mirai/services/default.nix
index 7a7db017..5bd677c1 100644
--- a/nixos/mirai/services/default.nix
+++ b/nixos/mirai/services/default.nix
@@ -9,12 +9,12 @@
     ./caddy.nix
     ./fail2ban.nix
     ./gitea.nix
-    ./home-assistant.nix
     # ./appflowy.nix
+    # ./home-assistant.nix
 
     # ./jellyfin.nix
     # ./polaris.nix
-    # ./seafile.nix
+    ./seafile.nix
     # ./syncthing.nix
     # ./vscode.nix
     # ./nextcloud.nix
diff --git a/nixos/mirai/services/home-assistant.nix b/nixos/mirai/services/home-assistant.nix
index 79714af2..9a9e3a57 100644
--- a/nixos/mirai/services/home-assistant.nix
+++ b/nixos/mirai/services/home-assistant.nix
@@ -7,12 +7,19 @@
         "met"
         "radio_browser"
         "wiz"
+        "homekit"
+        "homekit_controller"
       ];
       customComponents = [
         pkgs.home-assistant-custom-components.auth-header
       ];
       config = {
         default_config = {};
+        homeassistant = {
+          external_url = "https://home.darksailor.dev";
+          name = "Home Assistant";
+          time_zone = "Asia/Kolkata";
+        };
         http = {
           server_host = "::1";
           trusted_proxies = ["::1"];
@@ -33,8 +40,43 @@
       '';
     };
   };
-  networking.firewall.allowedTCPPorts = [5555 5353 1900 51827 48784 38989 18555];
-  networking.firewall.allowedUDPPorts = [5555];
+  networking.firewall.allowedTCPPorts = [
+    8888
+    5555
+    5432
+    5000
+    7070
+    6600
+    2019
+    22
+    21064
+    48829
+    11434
+    3000
+    8123
+    5432
+    443
+    22
+    80
+    55447
+    25565
+    21064
+    40000
+  ];
+  networking.firewall.allowedUDPPorts = [
+    5353
+    41641
+    68
+    5353
+    5353
+    41641
+    47663
+    53040
+    443
+    1900
+    1900
+    5555
+  ];
   networking.firewall.allowedTCPPortRanges = [
     {
       from = 21063;
diff --git a/nixos/mirai/services/seafile.nix b/nixos/mirai/services/seafile.nix
index b0c35434..b5a22937 100644
--- a/nixos/mirai/services/seafile.nix
+++ b/nixos/mirai/services/seafile.nix
@@ -1,13 +1,12 @@
 {config, ...}: {
-  # sops = {
-  #   secrets."nextcloud/adminpass".owner = config.users.users.caddy.name;
-  # };
-  nixpkgs.config.allowBroken = true;
+  sops = {
+    secrets."nextcloud/adminpass".owner = config.users.users.caddy.name;
+  };
   services = {
     seafile = {
       enable = true;
       # group = config.services.caddy.group;
-      adminEmail = "admin@uttarayan.me";
+      adminEmail = "admin@darksailor.dev";
       initialAdminPassword = "foobar";
 
       seahubExtraConf =
@@ -18,11 +17,11 @@
           ENABLE_REMOTE_USER_AUTHENTICATION = True
           # Optional, HTTP header, which is configured in your web server conf file,
           # used for Seafile to get user's unique id, default value is 'HTTP_REMOTE_USER'.
-          REMOTE_USER_HEADER = 'REMOTE_USER'
+          REMOTE_USER_HEADER = "HTTP_REMOTE_USER"
           # Optional, when the value of HTTP_REMOTE_USER is not a valid email address，
           # Seafile will build a email-like unique id from the value of 'REMOTE_USER_HEADER'
           # and this domain, e.g. user1@example.com.
-          # REMOTE_USER_DOMAIN = 'uttarayan.me'
+          REMOTE_USER_DOMAIN = "darksailor.dev"
           # Optional, whether to create new user in Seafile system, default value is True.
           # If this setting is disabled, users doesn't preexist in the Seafile DB cannot login.
           # The admin has to first import the users from external systems like LDAP.