diff --git a/hosts/hainich/services/hasenloch.nix b/hosts/hainich/services/hasenloch.nix
index 13b33e6..a2d4c21 100644
--- a/hosts/hainich/services/hasenloch.nix
+++ b/hosts/hainich/services/hasenloch.nix
@@ -4,16 +4,19 @@
 containers.hasenloch = {
 autoStart = true;
 privateNetwork = true;
- hostAddress6 = "fd00::42:14";
- localAddress6 = "fd00::42:18";
+ hostAddress = "192.168.100.5";
+ localAddress = "192.168.100.7";
- config = { pkgs, config, ...}: {
+ config = { pkgs, config2, ...}: {
 services.engelsystem = {
 enable = true;
 domain = "himmel.hacc.earth";
 config = {
 url = "https://himmel.hacc.earth";
+ trusted_proxies = [ "${config.containers.hasenloch.hostAddress}/31" ];
+ rewrite_urls = true;
+ app_name = "Hasenloch";
 footer_items = {
@@ -51,13 +54,28 @@
 };
 networking.firewall.allowedTCPPorts = [ 80 ];
+ networking.firewall.enable = false;
+ services.coredns = {
+ enable = true;
+ config = ''
+ .:53 {
+ forward . 1.1.1.1
+ }
+ '';
+ };
 };
 };
+ services.nginx.recommendedProxySettings = true;
 services.nginx.virtualHosts."himmel.hacc.earth" = {
- locations."/".proxyPass = "http://[" + config.containers.hasenloch.localAddress6 + "]";
+ locations."/".proxyPass = "http://" + config.containers.hasenloch.localAddress;
 forceSSL = true;
 enableACME = true;
 };
+
+ networking.nat.enable = true;
+ networking.nat.internalInterfaces = ["ve-hasenloch"];
+ networking.nat.externalInterface = "enp6s0";
+ }
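Review bot: In the first hunk, `trusted_proxies` is given `"${config.containers.hasenloch.hostAddress}/31"`, which covers 192.168.100.4 as well as the host side 192.168.100.5, so forwarded-client headers would be honoured from one more address than the nginx proxy uses. A single-host entry is enough: `trusted_proxies = [ "${config.containers.hasenloch.hostAddress}/32" ];`. Separately, renaming the inner module argument to `config2` appears to work only because nothing ever forces it; writing the inner function as `{ pkgs, ... }:` would expose the outer `config` without naming an argument the module system presumably does not provide. The `containers.hasenloch` block continues outside this hunk.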
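Review bot: In the second hunk, `networking.firewall.enable = false;` switches off the container's packet filter entirely, which turns the `allowedTCPPorts = [ 80 ]` line directly above it into dead configuration and leaves every listener in the container, including the new CoreDNS on `.:53`, reachable by anything that can route to 192.168.100.7. If CoreDNS is only there to resolve names for the container itself, loopback traffic should already pass the NixOS firewall, so the line can probably be dropped; if other hosts must query it, open just that port with `networking.firewall.allowedUDPPorts = [ 53 ];`. A short comment above `services.coredns` saying why the container runs its own forwarder to 1.1.1.1 would also help the next reader. The container's `config` block starts outside this hunk.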