diff --git a/modules/mail/default.nix b/modules/mail/default.nix
index a8abd37..11ed131 100644
--- a/modules/mail/default.nix
+++ b/modules/mail/default.nix
@@ -27,9 +27,6 @@ in mkIf conf.mail.enable {
         tls = {
           enable = true;
           implicit = true;
-        };
-        proxy = {
-          
         };
         listener = {
           smtp = {
@@ -60,6 +57,7 @@ in mkIf conf.mail.enable {
         domain = "chpu.eu";
       };
       certificate.default = {
+        default = true;
         cert = "%{file:/var/lib/acme/chpu.eu/chain.pem}%";
         private-key = "%{file:/var/lib/acme/chpu.eu/key.pem}%";
       };
diff --git a/modules/nginx/default.nix b/modules/nginx/default.nix
index ee55432..24a3b02 100644
--- a/modules/nginx/default.nix
+++ b/modules/nginx/default.nix
@@ -30,6 +30,13 @@ in mkIf conf.nginx.enable {
 
   services.nginx = {
     enable = true;
+    virtualHosts = {
+      "chpu.eu" = {
+        serverName = "chpu.eu";
+        useACMEHost = "chpu.eu";
+        forceSSL = true;
+      };
+    };
   };
 
   networking.firewall.allowedTCPPorts = [