diff --git a/machines/skynet.nix b/machines/skynet.nix
index c769fc5..e21d16d 100644
--- a/machines/skynet.nix
+++ b/machines/skynet.nix
@@ -18,13 +18,15 @@ let
 ip_pub = "193.1.96.165";
 ip_priv = "193.1.99.79";
 hostname = "${name}.skynet.ie";
- hostname_int = "${name}_int.skynet.ie";
+ hostname_int = "${name}.int.skynet.ie";
 in {
- imports = [];
+ imports = [
+ ../applications/acme.nix
+ ];
 deployment = {
- targetHost = hostname_int;
+ targetHost = ip_priv;
 targetPort = 22;
 targetUser = "root";
@@ -34,7 +36,10 @@ in {
 # it has two network devices so two
 skynet_dns.records = [
 {record=name; r_type="A"; value=ip_pub; server=true;}
- {record="${name}_int"; r_type="A"; value=ip_priv; server=true;}
+ {record="${name}.int"; r_type="A"; value=ip_priv; server=true;}
+
+ # change to pub later
+ {record="@"; r_type="A"; value=ip_priv;}
 {record=ip_pub; r_type="PTR"; value=hostname;}
 {record=ip_priv; r_type="PTR"; value=hostname_int;}
@@ -55,4 +60,29 @@ in {
 ];
 };
+ proxmoxLXC.manageNetwork = true;
+ networking.hostName = name;
+ networking.interfaces.eth0.ipv4.addresses = [
+ {
+ address = ip_priv;
+ prefixLength = 26;
+ }
+ ];
+
+ networking.firewall.allowedTCPPorts = [80 443];
+ services.httpd = {
+ enable = true;
+ group = "acme";
+
+ virtualHosts = {
+ # main site
+ "skynet.ie" = {
+ forceSSL = true;
+ useACMEHost = "skynet";
+
+ # skynet.ie/~username
+ enableUserDir = true;
+ };
+ };
+ };
 }
\ No newline at end of file
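Review bot: The new `targetHost = ip_priv;` carries no comment explaining why deployment stopped using `hostname_int`, which is renamed in this same hunk. If the reason is that the `.int` name may not resolve until this change has been deployed (an inference; the DNS tooling is not visible here), record it above the line, e.g. `# deploy by IP: the ${name}.int record may not resolve until the zone is rebuilt`. Deployment still logs in as `root` on port 22, so SSH host-key checking is now keyed to the IP rather than a name, and it is worth confirming that the operator's known_hosts entry covers it. Both the `let` bindings and the `deployment` set continue outside the hunk.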
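Review bot: The added apex record `{record="@"; r_type="A"; value=ip_priv;}` points the site name at the address this file labels private, and the only marker that this is temporary is `# change to pub later`. If `../applications/acme.nix` relies on HTTP validation (not visible here), certificate issuance for the apex depends on that address being reachable by the CA, so the interim state can fail quietly. Make the comment actionable, e.g. `# TODO: switch "@" to ip_pub once the public interface is configured; until then skynet.ie resolves to the internal address`. This record also omits `server=true`, which the other A records set; confirm that is intended. The `skynet_dns.records` list continues outside the hunk.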
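Review bot: `enableUserDir = true;` is set on the main `"skynet.ie"` virtual host while `group = "acme";` makes the ACME group the primary group of the httpd processes. User-published pages therefore share an origin with the main site, and any handler that later executes content from user directories (CGI or PHP; none is enabled in this hunk) would run with a group that presumably can read the certificate private key. Consider serving user directories from a separate virtual host name and recording the constraint next to the option, e.g. `# ~username is static-only: httpd runs with group "acme", which can read the TLS key`. Separately, `networking.firewall.allowedTCPPorts = [80 443];` opens both ports on every interface, whereas `networking.firewall.interfaces.eth0.allowedTCPPorts` would scope them to the one interface configured here.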