diff --git a/modules/server/caddy/default.nix b/modules/server/caddy/default.nix
index bd5ef66c..91a1accb 100644
--- a/modules/server/caddy/default.nix
+++ b/modules/server/caddy/default.nix
@@ -24,20 +24,20 @@ in {
       allowedUDPPorts = ports;
     };
 
-    security.acme = {
-      acceptTerms = true;
-      defaults.email = config.server.email;
-      certs.${config.server.domain} = {
-        reloadServices = ["caddy.service"];
-        domain = "${config.server.domain}";
-        extraDomainNames = ["*.${config.server.domain}"];
-        dnsProvider = "cloudflare";
-        dnsResolver = "1.1.1.1:53";
-        dnsPropagationCheck = true;
-        group = config.services.caddy.group;
-        environmentFile = config.age.secrets.cloudflare-env.path;
-      };
-    };
+    # security.acme = {
+    #   acceptTerms = true;
+    #   defaults.email = config.server.email;
+    #   certs.${config.server.domain} = {
+    #     reloadServices = ["caddy.service"];
+    #     domain = "${config.server.domain}";
+    #     extraDomainNames = ["*.${config.server.domain}"];
+    #     dnsProvider = "cloudflare";
+    #     dnsResolver = "1.1.1.1:53";
+    #     dnsPropagationCheck = true;
+    #     group = config.services.caddy.group;
+    #     environmentFile = config.age.secrets.cloudflare-env.path;
+    #   };
+    # };
 
     services.caddy = {
       enable = true;
diff --git a/modules/server/vaultwarden/default.nix b/modules/server/vaultwarden/default.nix
index b9e79758..0faf0c48 100644
--- a/modules/server/vaultwarden/default.nix
+++ b/modules/server/vaultwarden/default.nix
@@ -29,14 +29,9 @@ in {
       Group = "root";
     };
 
-    # services.caddy.virtualHosts."vault.cnst.dev".extraConfig = ''
-    #   encode zstd gzip
-    #   reverse_proxy ${vcfg.ROCKET_ADDRESS}:${toString vcfg.ROCKET_PORT} {
-    #     # header_up X-Real-IP {remote_host}
-    #     # Use this instead, if using Cloudflare's proxy
-    #     header_up X-Real-IP {http.request.header.Cf-Connecting-Ip}
-    #   }
-    # '';
+    services.caddy.virtualHosts."vault.cnst.dev".extraConfig = ''
+      reverse_proxy ${vcfg.ROCKET_ADDRESS}:${toString vcfg.ROCKET_PORT}
+    '';
 
     services.vaultwarden = {
       enable = true;
@@ -46,12 +41,12 @@ in {
 
       config = {
         DOMAIN = "https://vault.${domain}";
-        SIGNUPS_ALLOWED = false;
+        SIGNUPS_ALLOWED = true;
         ROCKET_ADDRESS = "127.0.0.1";
         ROCKET_PORT = 8222;
-        EXTENDED_LOGGING = true;
-        LOG_LEVEL = "warn";
-        IP_HEADER = "CF-Connecting-IP";
+        # EXTENDED_LOGGING = true;
+        # LOG_LEVEL = "warn";
+        # IP_HEADER = "CF-Connecting-IP";
       };
     };
   };