diff --git a/hosts/cloudnix/default.nix b/hosts/cloudnix/default.nix
index bddaabd..679c528 100644
--- a/hosts/cloudnix/default.nix
+++ b/hosts/cloudnix/default.nix
@@ -30,10 +30,28 @@ in {
     ../common/optional/openssh.nix
 
     ../common/optional/distributed-builds/local-machine.nix
+    ../common/optional/nixos-containers/semitamaps.nix
+    ../common/optional/nixos-containers/vaultwarden.nix
+    ../common/optional/fail2ban.nix
+    ../common/optional/restic-backup.nix
+
+    ../common/optional/nginx/semitamaps.nix
+    ../common/optional/nginx/vaultwarden.nix
+
 
     outputs.nixosModules.nixosAutoUpgrade
   ];
 
+  services.restic.backups = {
+    daily = {
+      paths = [
+        "/persist/"
+      ];
+      exclude = [
+      ];
+    };
+  };
+
   boot = {
     loader = {
       efi.canTouchEfiVariables = false;
@@ -62,6 +80,16 @@ in {
     user = "admin";
   };
 
+  environment.persistence."/persist" = {
+    directories = [
+      "/var/lib/tailscale"
+    ];
+    files = [ "/etc/machine-id" ];
+  };
+
+  # enable tailscale
+  services.tailscale.enable = true;
+
   networking = {
     hostName = "cloudnix";
     nameservers = ["8.8.8.8"];
diff --git a/vars/default.nix b/vars/default.nix
index 82b6969..77172bf 100644
--- a/vars/default.nix
+++ b/vars/default.nix
@@ -5,6 +5,7 @@
     email
     metrics-server
     xmpp
+    domains
     ;
   locations = {
     mediaDataMountPoint = "/media/media";