diff --git a/devices/cluster/default.nix b/devices/cluster/default.nix
index a404d1d..6161ac8 100644
--- a/devices/cluster/default.nix
+++ b/devices/cluster/default.nix
@@ -8,7 +8,6 @@ in {
     ../../modules/sshd.nix
     ../../modules/tailscale.nix
 
-    ./modules/corosync.nix
     ./modules/pacemaker
   ];
 
diff --git a/devices/oksys/modules/caddy.nix b/devices/cluster/modules/caddy.nix
similarity index 97%
rename from devices/oksys/modules/caddy.nix
rename to devices/cluster/modules/caddy.nix
index 737daeb..bd9c373 100644
--- a/devices/oksys/modules/caddy.nix
+++ b/devices/cluster/modules/caddy.nix
@@ -31,6 +31,7 @@ in {
       dockerIP = "10.0.0.122";
       jellyIP = "10.0.0.123";
       servivi = "10.0.0.249";
+      oksysIP = "10.0.0.213";
     in {
       "nelim.org" = {
         serverAliases = ["*.nelim.org"];
@@ -45,7 +46,7 @@ in {
           # Misc one-liners
           vault.reverseProxy = "${dockerIP}:8781";
           hauk.reverseProxy = "${dockerIP}:3003";
-          headscale.reverseProxy = "localhost:8085";
+          headscale.reverseProxy = "${oksysIP}:8085";
           jelly.reverseProxy = "${jellyIP}:80";
 
           # Resume builder
@@ -53,7 +54,6 @@ in {
           resauth.reverseProxy = "${dockerIP}:3100";
 
           # Nextcloud & Co
-          bakail.reverseProxy = "${dockerIP}:8077";
           office.reverseProxy = "http://${dockerIP}:8055";
           nextcloud = {
             subDomainName = "cloud";
diff --git a/devices/cluster/modules/pacemaker/default.nix b/devices/cluster/modules/pacemaker/default.nix
index 3f86e10..4c30cb1 100644
--- a/devices/cluster/modules/pacemaker/default.nix
+++ b/devices/cluster/modules/pacemaker/default.nix
@@ -1,10 +1,20 @@
 {...}: {
-  imports = [./options.nix];
+  imports = [
+    ./options.nix
+    ../corosync.nix
+
+    ../caddy.nix
+  ];
 
   # TODO: update script
   services.pacemaker = {
     enable = true;
 
-    resources = {};
+    resources = {
+      "caddy" = {
+        enable = true;
+        virtualIp = "10.0.0.130";
+      };
+    };
   };
 }
diff --git a/devices/oksys/default.nix b/devices/oksys/default.nix
index 6ceaf69..1f83422 100644
--- a/devices/oksys/default.nix
+++ b/devices/oksys/default.nix
@@ -15,7 +15,6 @@ in {
     ../../modules/tailscale.nix
 
     ./modules/blocky.nix
-    ./modules/caddy.nix
     ./modules/headscale
     ./modules/remote-builder.nix
     ./modules/unbound.nix
diff --git a/devices/oksys/modules/headscale/default.nix b/devices/oksys/modules/headscale/default.nix
index eb47456..4753eb4 100644
--- a/devices/oksys/modules/headscale/default.nix
+++ b/devices/oksys/modules/headscale/default.nix
@@ -19,7 +19,7 @@ in {
     enable = true;
     package = headscale-flake;
 
-    address = "127.0.0.1";
+    address = "10.0.0.213";
     port = 8085;
 
     settings = {