diff --git a/hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix b/hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix
index 7f65d41..016f2a7 100644
--- a/hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix
@@ -38,9 +38,6 @@ in
 "authelia-configuration.yaml".content = builtins.readFile (
 (pkgs.formats.yaml { }).generate "configuration.yaml" {
- theme = "auto";
- telemetry.metrics.enabled = true;
-
 authentication_backend = {
 refresh_interval = "always";
 file = {
@@ -52,6 +49,8 @@ in
 password_policy.zxcvbn.enabled = true;
 access_control.default_policy = "deny";
+ server.endpoints.authz.forward-auth.implementation = "ForwardAuth";
+
 session = {
 secret = hmConfig.sops.placeholder."authelia/session";
@@ -98,6 +97,8 @@ in
 password = hmConfig.sops.placeholder."authelia/smtp";
 sender = "jupiter@karaolidis.com";
 };
+
+ theme = "auto";
 }
 );
@@ -162,7 +163,6 @@ in
 labels = [
 "traefik.enable=true"
 "traefik.http.routers.authelia.rule=Host(`id.karaolidis.com`)"
- "traefik.http.routers.authelia.tls.certresolver=letsencrypt"
 "traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true"
 "traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/authz/forward-auth"
diff --git a/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix b/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
index 7f70535..4ce3246 100644
--- a/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
@@ -71,9 +71,6 @@ in
 enable-signup = false;
 enable-login = true;
 enable-reservations = false;
-
- enable-metrics = true;
- metrics-listen-http = ":8080";
 }
 );
@@ -130,7 +127,6 @@ in
 labels = [
 "traefik.enable=true"
 "traefik.http.routers.ntfy.rule=Host(`ntfy.karaolidis.com`)"
- "traefik.http.routers.ntfy.tls.certresolver=letsencrypt"
 ];
 };
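Review bot: The added `server.endpoints.authz.forward-auth.implementation = "ForwardAuth";` in the second authelia hunk has no comment saying why it is spelled out, and since Authelia already pairs the `forward-auth` endpoint with the ForwardAuth implementation by default a reader will assume something else changed. If declaring `authz` explicitly replaces Authelia's default endpoint set rather than extending it (not visible from here), the other authz endpoints go away with it, which is consistent with the Traefik label in this same file that only ever calls `/api/authz/forward-auth`, but that narrowing should be stated. Suggest `# Only the Traefik forward-auth authz endpoint is used; declare it explicitly.` directly above the line. The `generate "configuration.yaml" {` attribute set this hunk sits in starts and ends outside the hunk.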
diff --git a/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix b/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix
index 4b81d70..4a76273 100644
--- a/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix
@@ -58,24 +58,25 @@ in
 "--providers.docker=true"
 "--providers.docker.exposedbydefault=false"
+ "--providers.docker.network=systemd-traefik"
- "--entryPoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entryPoints.web.http3"
- "--entrypoints.web.forwardedHeaders.insecure=true"
+ "--entryPoints.http.address=:80"
+ "--entrypoints.http.http.redirections.entryPoint.to=https"
+ "--entrypoints.http.http.redirections.entryPoint.scheme=https"
+ "--entryPoints.http.http3"
+ "--entrypoints.http.forwardedHeaders.insecure=true"
- "--entryPoints.websecure.address=:443"
- "--entryPoints.websecure.asDefault=true"
- "--entrypoints.websecure.http.tls=true"
- "--entrypoints.websecure.http.tls.certResolver=letsencrypt"
- "--entrypoints.websecure.http.tls.domains[0].main=karaolidis.com"
- "--entrypoints.websecure.http.tls.domains[0].sans=*.karaolidis.com"
- "--entrypoints.websecure.http.tls.domains[1].main=krlds.com"
- "--entrypoints.websecure.http.tls.domains[1].sans=*.krlds.com"
- "--entrypoints.websecure.http.middlewares=compress@docker"
- "--entryPoints.websecure.http3"
- "--entrypoints.websecure.forwardedHeaders.insecure=true"
+ "--entryPoints.https.address=:443"
+ "--entryPoints.https.asDefault=true"
+ "--entrypoints.https.http.tls=true"
+ "--entrypoints.https.http.tls.certResolver=letsencrypt"
+ "--entrypoints.https.http.tls.domains[0].main=karaolidis.com"
+ "--entrypoints.https.http.tls.domains[0].sans=*.karaolidis.com"
+ "--entrypoints.https.http.tls.domains[1].main=krlds.com"
+ "--entrypoints.https.http.tls.domains[1].sans=*.krlds.com"
+ "--entrypoints.https.http.middlewares=compress@docker"
+ "--entryPoints.https.http3"
+ "--entrypoints.https.forwardedHeaders.insecure=true"
 "--certificatesresolvers.letsencrypt.acme.dnschallenge=true"
 "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
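Review bot: `--entrypoints.http.forwardedHeaders.insecure=true` and `--entrypoints.https.forwardedHeaders.insecure=true` are re-added unchanged under the renamed entrypoints, and together with the `forwardAuth.trustForwardHeader=true` label in the authelia file they let any client that reaches the `0.0.0.0:80`/`0.0.0.0:443` sockets supply its own `X-Forwarded-For`/`X-Forwarded-Proto`, which Authelia then treats as the real client address and scheme for its network-based rules and its logs. Unless these sockets are only reachable through a trusted upstream proxy, the explicit allow-list is the safer form: `"--entrypoints.https.forwardedHeaders.trustedIPs=<UPSTREAM_PROXY_CIDRS placeholder>"` in place of the `insecure=true` flag, and the same for the http entrypoint; if nothing sits in front of Traefik, the two `insecure=true` lines can simply be dropped. The list these flags belong to starts and ends outside the hunk.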
@@ -84,10 +85,14 @@ in
 ];
 labels = [
 "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`proxy.karaolidis.com`)"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.service: 'api@internal'"
- "traefik.http.routers.traefik.middlewares: 'authelia@docker'"
+
+ "traefik.http.routers.traefik-dashboard.rule=Host(`proxy.karaolidis.com`)"
+ "traefik.http.routers.traefik-dashboard.service=dashboard@internal"
+ "traefik.http.routers.traefik-dashboard.middlewares=authelia@docker"
+
+ "traefik.http.routers.traefik-api.rule='Host(`proxy.karaolidis.com`) && PathPrefix(`/api`)'"
+ "traefik.http.routers.traefik-api.service=api@internal"
+ "traefik.http.routers.traefik-api.middlewares=authelia@docker"
 "traefik.http.middlewares.compress.compress=true"
 # TODO: Middlewares: Headers
@@ -104,6 +109,7 @@ in
 After = [
 "traefik-http.socket"
 "traefik-https.socket"
+ "${containers.authelia._serviceName}.service"
 "sops-nix.service"
 ];
@@ -137,7 +143,7 @@ in
 "traefik-http" = {
 Socket = {
 ListenStream = "0.0.0.0:80";
- FileDescriptorName = "web";
+ FileDescriptorName = "http";
 Service = "${containers.traefik._serviceName}.service";
 };
@@ -149,7 +155,7 @@ in
 "traefik-https" = {
 Socket = {
 ListenStream = "0.0.0.0:443";
- FileDescriptorName = "websecure";
+ FileDescriptorName = "https";
 Service = "${containers.traefik._serviceName}.service";
 };
diff --git a/hosts/jupiter/users/storm/configs/console/podman/whoami/default.nix b/hosts/jupiter/users/storm/configs/console/podman/whoami/default.nix
index 3a183ac..f824642 100644
--- a/hosts/jupiter/users/storm/configs/console/podman/whoami/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/whoami/default.nix
@@ -26,7 +26,6 @@ in
 labels = [
 "traefik.enable=true"
 "traefik.http.routers.whoami.rule=Host(`whoami.karaolidis.com`)"
- "traefik.http.routers.whoami.tls.certresolver=letsencrypt"
 ];
 };
 };
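Review bot: The `traefik-api` rule value is wrapped in single quotes inside the Nix string, so if the container wrapper passes label values verbatim Traefik receives a rule beginning with `'`, the `traefik-api` router fails to load, and `/api` is instead matched by the Host-only `traefik-dashboard` router; the five neighbouring labels this commit rewrote without quotes suggest the quotes are a leftover from the old `service: 'api@internal'` form rather than intended. Drop the surrounding single quotes so the rule reads `Host(...) && PathPrefix(...)` like the other labels; if the wrapper applies shell-style quoting the change is a no-op, so it is safe either way. Worth confirming the rendered label on the running container after deployment. The `labels` list continues outside the hunk.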
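Review bot: `"${containers.authelia._serviceName}.service"` in `After` only orders startup; without a matching `Wants` entry Authelia is not started when Traefik is started or restarted on its own, so every router carrying `authelia@docker` answers with an error from the forward-auth call until Authelia comes up (fail-closed, but an avoidable outage). If the intent is a real dependency, add `Wants = [ "${containers.authelia._serviceName}.service" ];` beside `After`, using whichever of Wants/Requires the surrounding units already use. The attribute set holding `After` starts and ends outside this hunk.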