diff --git a/applications/bitwarden/vaultwarden.nix b/applications/bitwarden/vaultwarden.nix
index 22808e9..3e0c84e 100644
--- a/applications/bitwarden/vaultwarden.nix
+++ b/applications/bitwarden/vaultwarden.nix
@@ -47,11 +47,18 @@ in {
       }
     ];
 
-    services.nginx.virtualHosts."${domain}" = {
-      forceSSL = true;
-      useACMEHost = "skynet";
-      locations."/" = {
-        proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
+    services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
+      "${domain}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/" = {
+          proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
+        };
       };
     };
 
diff --git a/applications/email.nix b/applications/email.nix
index 7a9a568..0e39139 100644
--- a/applications/email.nix
+++ b/applications/email.nix
@@ -245,6 +245,12 @@ in {
 
     # to provide the certs
     services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
+
       "mail.skynet.ie" = {
         forceSSL = true;
         useACMEHost = "mail";
diff --git a/applications/games.nix b/applications/games.nix
index 4959f25..1c35588 100644
--- a/applications/games.nix
+++ b/applications/games.nix
@@ -60,6 +60,12 @@ in {
     ];
 
     services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
+
       "${cfg.domain.sub}.skynet.ie" = {
         forceSSL = true;
         useACMEHost = "skynet";
diff --git a/applications/games/minecraft.nix b/applications/games/minecraft.nix
index 5bd427a..5d51620 100644
--- a/applications/games/minecraft.nix
+++ b/applications/games/minecraft.nix
@@ -108,6 +108,12 @@ in {
     ];
 
     services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
+
       # https://config.minecraft.games.skynet.ie
       "config.${short_domain}" = {
         forceSSL = true;
diff --git a/applications/gitlab.nix b/applications/gitlab.nix
index d97b48e..36b2aae 100644
--- a/applications/gitlab.nix
+++ b/applications/gitlab.nix
@@ -150,6 +150,12 @@ in {
     services.openssh.ports = [22 2222];
 
     services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
+
       # main site
       "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
         forceSSL = true;
diff --git a/applications/nextcloud.nix b/applications/nextcloud.nix
index 078408c..f177132 100644
--- a/applications/nextcloud.nix
+++ b/applications/nextcloud.nix
@@ -108,6 +108,11 @@ in {
     };
 
     services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
       ${domain} = {
         forceSSL = true;
         useACMEHost = "skynet";
diff --git a/applications/skynet_users.nix b/applications/skynet_users.nix
index 66c3386..cc0fd22 100644
--- a/applications/skynet_users.nix
+++ b/applications/skynet_users.nix
@@ -68,6 +68,12 @@ in {
     systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
 
     services.nginx.virtualHosts = {
+      "${cfg.host.ip}" = {
+        forceSSL = true;
+        useACMEHost = "skynet";
+        locations."/".return = "307 https://skynet.ie";
+      };
+
       # main site
       "*.users.skynet.ie" = {
         forceSSL = true;
diff --git a/applications/ulfm.nix b/applications/ulfm.nix
index ede9a33..36329f9 100644
--- a/applications/ulfm.nix
+++ b/applications/ulfm.nix
@@ -93,10 +93,22 @@ in {
       };
     };
 
-    services.nginx.virtualHosts."${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
-      forceSSL = true;
-      useACMEHost = "skynet";
-      locations."/".proxyPass = "http://localhost:8000";
+    services.nginx = {
+      enable = true;
+      group = "acme";
+
+      virtualHosts = {
+        "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
+          forceSSL = true;
+          useACMEHost = "skynet";
+          locations."/".proxyPass = "http://localhost:8000";
+        };
+        "${cfg.host.ip}" = {
+          forceSSL = true;
+          useACMEHost = "skynet";
+          locations."/".return = "307 https://skynet.ie";
+        };
+      };
     };
   };
 }
diff --git a/flake.lock b/flake.lock
index 7b5edc8..cedee81 100644
--- a/flake.lock
+++ b/flake.lock
@@ -107,11 +107,11 @@
       },
       "locked": {
         "host": "gitlab.skynet.ie",
-        "lastModified": 1698519699,
-        "narHash": "sha256-GK8NGWeG2gf3z/ktT0rzDVfj1UsaXxDLcSWCz6tsYSY=",
+        "lastModified": 1706893483,
+        "narHash": "sha256-x9OWItfCPTQA9klaN2gpaNLdqUVS0beUMdxbjmc7WgE=",
         "owner": "compsoc1%2Fcompsoc",
         "repo": "presentations%2Fpresentations",
-        "rev": "7f451b04c5cffda1558e58f65a53dbc89a678446",
+        "rev": "54d1fd58213e087d63331a0d94ea723617207e20",
         "type": "gitlab"
       },
       "original": {