diff --git a/configuration.nix b/configuration.nix index 1bb4a51..f8cdf2c 100644 --- a/configuration.nix +++ b/configuration.nix @@ -23,27 +23,31 @@ in { system.stateVersion = "23.11"; - #boot.loader.systemd-boot.enable = true; - #boot.loader.efi.canTouchEfiVariables = true; + # BOOT + boot.loader.systemd-boot.enable = true; # PROXMOX services.qemuGuest.enable = true; services.cloud-init = { enable = true; + network.enable = true; }; + environment.etc."cloud/cloud.cfg.d/99_pve.cfg".text = '' + datasource_list: [ NoCloud, ConfigDrive ] + ''; # USER MANAGEMENT # TODO: Should this be in cloud-init? + security.sudo.wheelNeedsPassword = false; nix.settings.trusted-users = [ "nixos" ]; users.users.nixos = { isNormalUser = true; - password = "nixos"; + password = "hunter2"; extraGroups = [ "wheel" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICXAlzwziqfUUb2qmFwNF/nrBYc5MNT1MMOx81ohBmB+ tine@little.sys.tjo.space" ]; }; - security.sudo.wheelNeedsPassword = false; # SSH services.openssh = { @@ -59,13 +63,18 @@ in }; # FIREWALL + networking.useNetworkd = true; networking.firewall = { enable = true; trustedInterfaces = [ "tailscale0" ]; allowedUDPPorts = [ config.services.tailscale.port ]; - allowedTCPPorts = [ 22 ]; + allowedTCPPorts = [ + 22 + 80 + 443 + ]; }; # NGINX diff --git a/terraform/dns.tf b/terraform/dns.tf index 72d7742..0a93a88 100644 --- a/terraform/dns.tf +++ b/terraform/dns.tf @@ -47,7 +47,20 @@ resource "digitalocean_record" "internal" { domain = data.digitalocean_domain.ingress.id type = each.value.type - name = lower(each.value.node) + name = "internal.${lower(each.value.node)}" value = each.value.ip ttl = 60 } + +resource "digitalocean_record" "srv" { + for_each = local.nodes_with_address + + domain = data.digitalocean_domain.ingress.id + type = "SRV" + name = digitalocean_record.internal[each.key].fqdn + value = "_nginx._tcp" + port = 9000 + priority = 10 + weight = 100 + ttl = 60 +} 
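Review bot: `password = "hunter2";` commits a plaintext credential for a wheel user to version control, and NixOS writes `users.users.<name>.password` into the world-readable Nix store on the host; together with the `security.sudo.wheelNeedsPassword = false;` moved into this hunk, that string is effectively a root credential for anyone who can read the repository or the store. The account already has an `openssh.authorizedKeys.keys` entry, so the line can simply be dropped, or replaced with `hashedPasswordFile = "/run/secrets/nixos-password"; # constructed path — file provisioned out of band` so that only a hash is ever on disk. The `services.openssh` block that would show whether password authentication is disabled begins at the end of this hunk and continues outside it, so whether this password is also usable remotely cannot be judged from here.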
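Review bot: The new `allowedTCPPorts` list admits 80 and 443 on every interface, including the public `ens18` that node.tf now reads addresses from, whereas tailscale traffic is scoped through `trustedInterfaces`. If the nginx listeners (the `# NGINX` section starts after this hunk) are meant to be public that is fine, but a one-line comment such as `# 80/443: public ingress for nginx; everything else arrives over tailscale0` would record the intent next to the list. Note also that dns.tf in this same commit advertises an `_nginx._tcp` SRV record on port 9000 for each node, and that port is not opened here, so it is reachable only over `tailscale0`; if that is deliberate it deserves a comment beside either the SRV record or this port list.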
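Review bot: In `digitalocean_record.srv` the `name` and `value` arguments look inverted for an SRV record: the provider expects the service label (`_service._proto`, optionally under a host label) in `name` and the target hostname in `value`, but here `name` receives the full `fqdn` of the internal record (to which the provider appends the zone again) and `value` is the literal `"_nginx._tcp"`, which is not a resolvable target. A form that matches the provider's SRV convention would be `name  = "_nginx._tcp.${digitalocean_record.internal[each.key].name}"` and `value = digitalocean_record.internal[each.key].fqdn`. The `for_each` of `digitalocean_record.internal` lies outside this hunk, so also confirm that its keys coincide with those of `local.nodes_with_address`; otherwise the `[each.key]` lookup fails at plan time.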
diff --git a/terraform/node.tf b/terraform/node.tf index d96e299..d423e65 100644 --- a/terraform/node.tf +++ b/terraform/node.tf @@ -28,8 +28,8 @@ locals { nodes_with_address = { for k, v in local.nodes : k => merge(v, { - public_ipv4 = local.ipv4_addresses[k]["eth0"][0] - public_ipv6 = local.ipv6_addresses[k]["eth0"][0] + public_ipv4 = local.ipv4_addresses[k]["ens18"][0] + public_ipv6 = local.ipv6_addresses[k]["ens18"][0] internal_ipv4 = local.ipv4_addresses[k]["tailscale0"][0] internal_ipv6 = local.ipv6_addresses[k]["tailscale0"][0] }) @@ -65,13 +65,14 @@ resource "proxmox_virtual_environment_file" "cloudinit" { source_raw { data = <<-EOF #cloud-config - bootcmd: + runcmd: + - echo "hello world" - [ 'tailscale', 'up', '--authkey', '${tailscale_tailnet_key.ingress.key}', '--hostname', '${each.value.name}', '--accept-routes', 'true', '--ssh' ] EOF - file_name = "${each.value.hostname}.cloudinit.yaml" + file_name = "${each.value.hostname}.cloudconfig.yaml" } } @@ -114,7 +115,7 @@ resource "proxmox_virtual_environment_vm" "nodes" { agent { enabled = true - timeout = "1m" + timeout = "5m" } network_device { @@ -136,6 +137,6 @@ resource "proxmox_virtual_environment_vm" "nodes" { initialization { datastore_id = each.value.storage - meta_data_file_id = proxmox_virtual_environment_file.cloudinit[each.key].id + user_data_file_id = proxmox_virtual_environment_file.cloudinit[each.key].id } }
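Review bot: `- echo "hello world"` in the new `runcmd:` list reads as a leftover debugging entry and should be removed before merge. Moving the tailscale command from `bootcmd:` to `runcmd:` also changes when it runs — cloud-init executes `runcmd` once on first boot, while `bootcmd` ran early on every boot — which suits a one-time `tailscale up`, but a comment inside the heredoc such as `# runcmd: first boot only; tailscale state persists across reboots` would make that explicit. The interpolated `tailscale_tailnet_key.ingress.key` lands verbatim in the rendered snippet on the Proxmox datastore and in Terraform state; the enclosing `proxmox_virtual_environment_file` resource starts outside this hunk, so whether that datastore is access-restricted cannot be seen here and is worth confirming.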