diff --git a/hosts/kameramann/default.nix b/hosts/kameramann/default.nix
index b76d20b..498fb5b 100644
--- a/hosts/kameramann/default.nix
+++ b/hosts/kameramann/default.nix
@@ -2,6 +2,7 @@
   imports = [
     ./hardware.nix
     ./disko.nix
+    ./nvr.nix
   ];
 
   networking.hostName = "kameramann";
diff --git a/hosts/kameramann/nvr.nix b/hosts/kameramann/nvr.nix
new file mode 100644
index 0000000..f9cfe06
--- /dev/null
+++ b/hosts/kameramann/nvr.nix
@@ -0,0 +1,59 @@
+{ config, ... }: {
+  age.secrets."camera-ulfried-url".file     = ../../secrets/camera-ulfried-url.age;
+  age.secrets."camera-ulfried-sub-url".file = ../../secrets/camera-ulfried-sub-url.age;
+  age.secrets."camera-gnisbert-url".file     = ../../secrets/camera-gnisbert-url.age;
+  age.secrets."camera-gnisbert-sub-url".file = ../../secrets/camera-gnisbert-sub-url.age;
+  age.secrets."camera-taubis-url".file       = ../../secrets/camera-taubis-url.age;
+  age.secrets."camera-taubis-sub-url".file   = ../../secrets/camera-taubis-sub-url.age;
+  age.secrets."camera-foeff-url".file        = ../../secrets/camera-foeff-url.age;
+  age.secrets."camera-foeff-sub-url".file    = ../../secrets/camera-foeff-sub-url.age;
+
+  systemd.services.go2rtc.serviceConfig.LoadCredential = [
+    "ULFRIED_URL:${config.age.secrets."camera-ulfried-url".path}"
+    "ULFRIED_SUB_URL:${config.age.secrets."camera-ulfried-sub-url".path}"
+    "GNISBERT_URL:${config.age.secrets."camera-gnisbert-url".path}"
+    "GNISBERT_SUB_URL:${config.age.secrets."camera-gnisbert-sub-url".path}"
+    "TAUBIS_URL:${config.age.secrets."camera-taubis-url".path}"
+    "TAUBIS_SUB_URL:${config.age.secrets."camera-taubis-sub-url".path}"
+    "FOEFF_URL:${config.age.secrets."camera-foeff-url".path}"
+    "FOEFF_SUB_URL:${config.age.secrets."camera-foeff-sub-url".path}"
+  ];
+
+  services.go2rtc.enable = true;
+  services.go2rtc.settings.streams = {
+    "ulfried" = [
+      "\${ULFRIED_URL}"
+      "ffmpeg:ulfried#audio=opus#audio=aac"
+    ];
+    "ulfried_sub" = [
+      "\${ULFRIED_SUB_URL}"
+      "ffmpeg:ulfried_sub#audio=opus#audio=aac"
+    ];
+    "gnisbert" = [
+      "\${GNISBERT_URL}"
+      "ffmpeg:gnisbert#audio=opus#audio=aac"
+    ];
+    "gnisbert_sub" = [
+      "\${GNISBERT_SUB_URL}"
+      "ffmpeg:gnisbert_sub#audio=opus#audio=aac"
+    ];
+    "taubis" = [
+      "\${TAUBIS_URL}"
+      "ffmpeg:taubis#audio=opus#audio=aac"
+    ];
+    "taubis_sub" = [
+      "\${TAUBIS_SUB_URL}"
+      "ffmpeg:taubis_sub#audio=opus#audio=aac"
+    ];
+    "foeff" = [
+      "\${FOEFF_URL}"
+      "ffmpeg:foeff#audio=opus#audio=aac#video=copy"
+    ];
+    "foeff_sub" = [
+      "\${FOEFF_SUB_URL}"
+      "ffmpeg:foeff_sub#audio=opus#audio=aac#video=copy"
+    ];
+  };
+
+  networking.firewall.allowedTCPPorts = [ 1984 ];
+}
diff --git a/secrets/camera-foeff-sub-url.age b/secrets/camera-foeff-sub-url.age
new file mode 100644
index 0000000..af3f865
--- /dev/null
+++ b/secrets/camera-foeff-sub-url.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 hC2TMg K23laRBk9Jvf6Uo9ofAk2gCPp7EppKPVnomDWE+mJ2s
+Z6r7vtDMPx0hSXxqOwQHwHeQzE/97hhy+KPBRUmkloQ
+-> ssh-ed25519 psfYGg 5jNbtluxAGBo2H2k2zoRUjbtAxvDvtm8i9UNNTNAuB8
+d2z/qob65J5AVhxDt35fn05+pkeNHDrIEfzCV8uGvwA
+--- EOpZwlsfsISDz9J/4735DF21LMMiLmIc4sE7F3wAlHI
+^Æ{e€NÂüÞ¨šŒ§Ï,ö´§3áe‚)¼ý:]@Ù×"´ÔÀ€ß7¢»O3©ôjÂØ#Yq£i£ÝY„ÜâQç)k^;Ï<}èƒ6ñdÚC$×ÍfqPy_V…»:3þ©
\ No newline at end of file
diff --git a/secrets/camera-foeff-url.age b/secrets/camera-foeff-url.age
new file mode 100644
index 0000000..afaab92
--- /dev/null
+++ b/secrets/camera-foeff-url.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 hC2TMg n5JXFq/7d/DT+p4XcVPKpS/2XjQ9RDUksoS4acLX5HI
+UJKvHyLgHK5NI3sLgI+heOawX65k07NKu7O1swoZfqQ
+-> ssh-ed25519 psfYGg +swqzZLEZtQtkle5HMNt0PVNmcE+7/Z55yJiH4YnzCU
+09hd9YSNA1t9sDrH1fF37HeUKZqJJMElMAwuA3CiwHU
+--- gb+X79T9kKZo4OHahfyiGHuAE9o2hEZHTn6tB98v8Hs
+ZéNHIÀ²‹d<S§5½½å>· sî3mE)JyñÅ]%úŠ:ÌJFý¨,¼UMÔI­‚ïâaë¤ÐRþQ®bá¾`Å£”ac+frjüÝ–Ü<gîo‚l4|ÔX0>,œÄ=i
\ No newline at end of file
diff --git a/secrets/camera-gnisbert-sub-url.age b/secrets/camera-gnisbert-sub-url.age
new file mode 100644
index 0000000..844e34a
Binary files /dev/null and b/secrets/camera-gnisbert-sub-url.age differ
diff --git a/secrets/camera-gnisbert-url.age b/secrets/camera-gnisbert-url.age
new file mode 100644
index 0000000..7cca8a1
--- /dev/null
+++ b/secrets/camera-gnisbert-url.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 hC2TMg h329e0tkuyIHY1qDoj+bL6Bb1rXQ/xfIzIdMZ1QwSlI
+twGdpKH4ZbOtvBSE6VmhYgBd77ALBoaubHQFPq2/MIQ
+-> ssh-ed25519 psfYGg +U9wzhqrx7eoIrYU3gdQE4Cj+cjwmgiI+SyoDnB6ZVc
+Y03vO9kY8tBT/ijFL1R7xICkF2a0OwYnrQu5R8xpPMw
+--- b+Ans7uEkZZoigbu3h9tW+lH9qpLAfrtnjUHq/GfeiI
+¬“ÄšõÊuê«ÓçéNcB:ÙŒg\²§y£zªsÃXjònCúR«H¦VýÌ5­ícv„Ôrê’]ØŸ³No·EµÁvñÆ^uLä8È•G(Älo
+Ü
\ No newline at end of file
diff --git a/secrets/camera-taubis-sub-url.age b/secrets/camera-taubis-sub-url.age
new file mode 100644
index 0000000..9d46150
Binary files /dev/null and b/secrets/camera-taubis-sub-url.age differ
diff --git a/secrets/camera-taubis-url.age b/secrets/camera-taubis-url.age
new file mode 100644
index 0000000..e1bbb78
Binary files /dev/null and b/secrets/camera-taubis-url.age differ
diff --git a/secrets/camera-ulfried-sub-url.age b/secrets/camera-ulfried-sub-url.age
new file mode 100644
index 0000000..bd4040d
--- /dev/null
+++ b/secrets/camera-ulfried-sub-url.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 hC2TMg hQ9We+2gIJfdmnP5iTiQVt0Lz5tXJpjgQnyI5eEnHGY
+rffB6DKI01Rwc4WchxN8uSYofaiWufAy6OLXwaeAdCk
+-> ssh-ed25519 psfYGg 6TJ5VeXmU/W7LuIS+6ud/V0LpiUm+xwQJppQSHX+NnM
+8p+BkvGGIcXe8jytEcr8+rfE1r9I/gg9Kur8yRYssRk
+--- m1eFeYo8bI107h4muwA4TgHaLrdNiuw2YpKOuyU8wNs
+öÜC4™Ñv8aµªÍß«Íà[ë¼ö@5\\öi!†ÉÁÚGÕ²
+º-Iý;uB¡ ti€	âd0¨>Ž¬­æàÂò‹uôýlù,óŽÆü¡‚w:J¶Ž
+èD~ÎÈÕB~Á
\ No newline at end of file
diff --git a/secrets/camera-ulfried-url.age b/secrets/camera-ulfried-url.age
new file mode 100644
index 0000000..215d95b
--- /dev/null
+++ b/secrets/camera-ulfried-url.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 hC2TMg kiwLTnSCnEbIWlw2j1SZ7aAQsqFipJDqJCBCyHT5p1g
+eI3p6oADMssBAIndqjmSXbeJROtBHETfF8W3IvFRg/c
+-> ssh-ed25519 psfYGg B7cdkEzmyrkeM7cTnoC8SjTaV1pWuAXOXiGYSJH9gxI
+kFeERXxWDyOjhN+jNGOXWy3m6WY+S5+s20hzgrF5qkI
+--- FPWKykTSfx4XH7tsnhREG0HC9NcgCXJjt77TQ3Sdxk0
+Qï÷þ-®¾¾´è ò‘yà6«M]”Õ|±ÓIp¾2²_“w†îB£|Ò©y–i/áuzwWðËýfÑDkY»8602º:ÐBµ¾ý7e…A”FAï
+ì½ð)9Êõôöô
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index b468ad3..48a704c 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -17,4 +17,12 @@ in
   "voip-trunk-ewe3-username.age".publicKeys = users ++ [ telefonmann ];
   "voip-trunk-ewe3-password.age".publicKeys = users ++ [ telefonmann ];
   "voip-trunk-ewe3-callerid.age".publicKeys = users ++ [ telefonmann ];
+  "camera-ulfried-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-ulfried-sub-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-gnisbert-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-gnisbert-sub-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-taubis-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-taubis-sub-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-foeff-url.age".publicKeys = users ++ [ kameramann ];
+  "camera-foeff-sub-url.age".publicKeys = users ++ [ kameramann ];
 }