diff --git a/agenix/hosts/Styx/git/maintenance.age b/agenix/hosts/Styx/git/maintenance.age
index fb01e9f..34a1ed6 100644
Binary files a/agenix/hosts/Styx/git/maintenance.age and b/agenix/hosts/Styx/git/maintenance.age differ
diff --git a/agenix/hosts/all/nix/netrc.age b/agenix/hosts/all/nix/netrc.age
index 8e63e7a..cff793e 100644
Binary files a/agenix/hosts/all/nix/netrc.age and b/agenix/hosts/all/nix/netrc.age differ
diff --git a/agenix/hosts/argon/acme/credentials.age b/agenix/hosts/argon/acme/credentials.age
index 30c2d38..e7de4eb 100644
--- a/agenix/hosts/argon/acme/credentials.age
+++ b/agenix/hosts/argon/acme/credentials.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g wMsuJSrhaG/4riiy3bGkdJxo3pyHqtwTscrS9XAsIHs
-58tzBUoSwjEmlbk8WGuQpDhFqRZbZN9tcJFfUod3jJQ
--> ssh-ed25519 1fcLUQ lzQK3MSVtUPnn2nIkkOG7JIbRyVeDvww/mMzyxi5pWE
-axHu4dNL2LpO6K4PFVuWW/EYDPqRLXCC6lBTaR76pgI
---- PW7GxaAiNdk78g6Mtf7UFyrrEbOOVFYQr0HBDL3Y3CY
-¦‚Y–.uÎÿß–‚å‚˜y£ÂÍÀÄ‚+6HLgˆÒOO…6¨ÚvøŽo`uí¼ASÂ»ØÏ¦9–	Ø™Ú)Qfé½™ ±ç—[ßî˜æe—ÛáÅcˆàVFÔ
\ No newline at end of file
+-> ssh-ed25519 MtGp6g NjtJmBDtdCBSzrcte5NuW3yQ7eKX1n+9Mk0LIOgrgjY
+vwVeXfhlIWi+uWbHaOiV0hAdz612UjZ4je4MLsEIEyg
+-> ssh-ed25519 1fcLUQ /adnDLBjCgvkuzD9ZT1n0eXUgZ/Z3vFAWY6MxZOvZ3Y
+fuKB1k98WEMLDOqTVkakt+L0OQ0PThkpQnuP69AKeC8
+--- 5pdouRi85yXSpj83M2aSKg4xYcEcsUsX0J+FTGs9GlM
+)ïG`¼Ã¤L“	.(’–×±SsýpyãIÐ—~ ûˆ¾)GyôæÙ“`èUÝÁ`«ÈVÛì®ˆÉ]Û_ƒV›j“'ž#¸¼‡V?l5(<[»žýH@Ë[žÛ2Ûx
\ No newline at end of file
diff --git a/agenix/hosts/argon/adguardhome-sync/environment.age b/agenix/hosts/argon/adguardhome-sync/environment.age
index 5cc1c0b..2afe07b 100644
Binary files a/agenix/hosts/argon/adguardhome-sync/environment.age and b/agenix/hosts/argon/adguardhome-sync/environment.age differ
diff --git a/agenix/hosts/argon/cfdyndns/apiToken.age b/agenix/hosts/argon/cfdyndns/apiToken.age
index 946f157..6551c20 100644
--- a/agenix/hosts/argon/cfdyndns/apiToken.age
+++ b/agenix/hosts/argon/cfdyndns/apiToken.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g /DLwiLhRRDFSIal3aCmcedgK4K/5SIiiCw190YZwoUU
-etUNg5IVs3GnEUAy8CxKKaL317ZbdN9kUQ/H7zcpv5c
--> ssh-ed25519 1fcLUQ LQAjiINwW1SeiDWbmjmlvaqLT7IDpY98Md607ExXfEI
-ByMQ5vF4A4BL8YtPUzLr4+0FBcyMaXYKNKleppMZ/4w
---- h4IafmgjN7lxUBzJhadHNtfobrbiyOrprqEXbAZ/1jA
-p ãr°ïº8B±Ï)ŠaÛÂý9˜Ù½èm-š#Üvñ±Xx¿#F,<C±Ûm]!ÞqÎ.%$ºË:ÿÖ¢3&XÛ8G¼
\ No newline at end of file
+-> ssh-ed25519 MtGp6g VR/eDjL8NA1SXrxl9BoViA82jv50KRxRPAxmJKtJM3Y
+3NNm4LSzAjZTGe79IDgZRvKKTHuvv4iw1qioGaZ83AM
+-> ssh-ed25519 1fcLUQ 8A/Qh7uKXsZJW+ZPqcqzUUclK0kbdidUXZaQBiaSVlk
+grBP3+f3b6AKmPxLup8WGJAxaCzvwRO0qRMTBb6yQ3U
+--- EyJHui0OlOsEisaEkybG38OpEQ3yOvUab+t+W0SVQYM
+:Ù¥¿,ðRÁ¥G«Ëm7´bÛ:Ïá£É„©+_ÝK¤‚ò¾Œ-“‰'·3LfvÐ}ì¾5€n#ñFfÝó|ì´-{Ý1¿³
\ No newline at end of file
diff --git a/agenix/hosts/argon/forgejo-actions/token.age b/agenix/hosts/argon/forgejo-actions/token.age
index 9532902..8733c21 100644
--- a/agenix/hosts/argon/forgejo-actions/token.age
+++ b/agenix/hosts/argon/forgejo-actions/token.age
@@ -1,8 +1,8 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g JJ1gPB6MsDhl88Uqmy7yOTUq3IMAaj8D6qBmH5nw+Qw
-OTQMHWgQkQHfB0esVFSiUkr10PFbwz2/U8VDcGJNU2Y
--> ssh-ed25519 1fcLUQ ID/0P9r9EU4e6Y52mrgannG1/3/RUdZKCtc39399mEA
-9IVPiXeieAPvEwIZq7Z/MZxF9tYV1t+zWz+I1QZwFWg
---- K3rjoML1rRCddmclzm5ZXta/UPZX64lRDb/vz9T73rU
-˜¸)A‡^GÕd¹“
-RmjPù.µÁA,1…\çÄé;§c°{ŽÍÆxÇËþ¼XgÀØ´-‚Ü¨ÓÚHáÙ.bÔÝ¡V‡E<,ÇH
\ No newline at end of file
+-> ssh-ed25519 MtGp6g kzyaCPBTCUDBpcyFhqpVvgL3lVMSGa/UAz1oxm97awY
+VTeF8kJyfRt5tMTJwbhTHV3vwd13bAJTf36YcHkhxho
+-> ssh-ed25519 1fcLUQ kO1drlLeOatSuXRniq3cSDPzvExR0a7qOQp7U/LWKgQ
+e3yfN0tZGhlm5mrC/R4nNIv0/Zy7kKUY+S37MBNeD4c
+--- v/Yg+IfPH05GCBARg/WsNlgI0oLGdPvS6EPblOgUwbc
+±sHLüñ³
+U½Ðù”ëOŒèÅš/u¬àC*!ï¬íL‹êF:†àÄßÌìÒÞ[ö·[VçmwÃµ“h¢n"§9:¼FX˜¡eÈºÇ²/Î
\ No newline at end of file
diff --git a/agenix/hosts/argon/tailscale/authkey.age b/agenix/hosts/argon/tailscale/authkey.age
index 16d36a6..45f9cac 100644
Binary files a/agenix/hosts/argon/tailscale/authkey.age and b/agenix/hosts/argon/tailscale/authkey.age differ
diff --git a/agenix/hosts/argon/user/danielPassword.age b/agenix/hosts/argon/user/danielPassword.age
index fa4c063..df13284 100644
Binary files a/agenix/hosts/argon/user/danielPassword.age and b/agenix/hosts/argon/user/danielPassword.age differ
diff --git a/agenix/hosts/argon/weewx-proxy/environment.age b/agenix/hosts/argon/weewx-proxy/environment.age
index 2b135de..d966a74 100644
Binary files a/agenix/hosts/argon/weewx-proxy/environment.age and b/agenix/hosts/argon/weewx-proxy/environment.age differ
diff --git a/agenix/hosts/mediaserver/acme/credentials.age b/agenix/hosts/mediaserver/acme/credentials.age
index 2e443bb..5a9b854 100644
Binary files a/agenix/hosts/mediaserver/acme/credentials.age and b/agenix/hosts/mediaserver/acme/credentials.age differ
diff --git a/agenix/hosts/mediaserver/aria2/config.age b/agenix/hosts/mediaserver/aria2/config.age
index b9d044f..c2a6efe 100644
Binary files a/agenix/hosts/mediaserver/aria2/config.age and b/agenix/hosts/mediaserver/aria2/config.age differ
diff --git a/agenix/hosts/mediaserver/recyclarr/config.age b/agenix/hosts/mediaserver/recyclarr/config.age
index fb68bc4..a3ee873 100644
Binary files a/agenix/hosts/mediaserver/recyclarr/config.age and b/agenix/hosts/mediaserver/recyclarr/config.age differ
diff --git a/agenix/hosts/mediaserver/smb/havenCredentials.age b/agenix/hosts/mediaserver/smb/havenCredentials.age
index 30b7560..f59125f 100644
--- a/agenix/hosts/mediaserver/smb/havenCredentials.age
+++ b/agenix/hosts/mediaserver/smb/havenCredentials.age
@@ -1,8 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g h5GOBBF2beIOvnl8w/CwgECH5oNuvNWWAkDKabRuWQI
-usrDmkInaI9gzrOB9ijYSlQCrECnIjXzpk1DCHzLjmc
--> ssh-ed25519 Y94Yig 5kOW8xzErlI4pj+gwhcCtzlFazqHCRvh0Lm+pl70sBY
-tDEU5tO681A2duNLRwnTRLHl2lM5zXbn/Z27rYIe5Ls
---- 6t/tMFOXfA/QsVgZ7LRIgArtFU95kaeaQQG2rgdTRco
-™\¬Q—zuVøe×·E¤p––
-mxGd.	½Á2xbØÔtuV%vEÏÛÆÕ ]–“¿hYûv»ÜûCãI9Z±‰>ùÉr#xÃb+’†.Ú0î<Îô¿íe?‚Ôí¡
\ No newline at end of file
+-> ssh-ed25519 MtGp6g o3i6obbEu+xEOiVh68hOWxdT7oQzYFJzbLe0hmOhWRE
+Alxnr2A0aK1R24Lb3bhxh04SiKruH5kvRj/zIPFlflI
+-> ssh-ed25519 Y94Yig Fg1UtJpAdfpilz3qojuoBoSIL63y7G+rr9XZm3Ey5F0
+msl89vgYqM6N8sJOu4XFBC6HJbobCOuHPU0XvFLWmYY
+--- UwH9DC4bEojsQYYEtlxz6+emautmXE7QMMv9o9Ers30
+E&oO*œÙ÷	Ó›F1¥ªÅÙà˜ú/ðµ—¸ä\öÂ£œ5W£b­X½Ü®²˜Fº„Á†–w¢qèGiaÄ‚Îx –oe°*’ÜÓGüa¼C—‰zsJ24,öÜYîµfvÓ
\ No newline at end of file
diff --git a/agenix/hosts/mediaserver/tailscale/authkey.age b/agenix/hosts/mediaserver/tailscale/authkey.age
index 576fd29..38fcc36 100644
Binary files a/agenix/hosts/mediaserver/tailscale/authkey.age and b/agenix/hosts/mediaserver/tailscale/authkey.age differ
diff --git a/agenix/hosts/mediaserver/tubearchivist/environmentES.age b/agenix/hosts/mediaserver/tubearchivist/environmentES.age
index 0f98d0d..f93ea70 100644
Binary files a/agenix/hosts/mediaserver/tubearchivist/environmentES.age and b/agenix/hosts/mediaserver/tubearchivist/environmentES.age differ
diff --git a/agenix/hosts/mediaserver/tubearchivist/environmentTA.age b/agenix/hosts/mediaserver/tubearchivist/environmentTA.age
index 934e995..a40a32d 100644
Binary files a/agenix/hosts/mediaserver/tubearchivist/environmentTA.age and b/agenix/hosts/mediaserver/tubearchivist/environmentTA.age differ
diff --git a/agenix/hosts/mediaserver/unpackerr/config.age b/agenix/hosts/mediaserver/unpackerr/config.age
index 381f2f5..5060311 100644
Binary files a/agenix/hosts/mediaserver/unpackerr/config.age and b/agenix/hosts/mediaserver/unpackerr/config.age differ
diff --git a/agenix/hosts/mediaserver/user/danielPassword.age b/agenix/hosts/mediaserver/user/danielPassword.age
index c7c422d..7c8b44a 100644
Binary files a/agenix/hosts/mediaserver/user/danielPassword.age and b/agenix/hosts/mediaserver/user/danielPassword.age differ
diff --git a/agenix/hosts/mediaserver/wireguard/config.age b/agenix/hosts/mediaserver/wireguard/config.age
index 069ac44..4b03fdf 100644
Binary files a/agenix/hosts/mediaserver/wireguard/config.age and b/agenix/hosts/mediaserver/wireguard/config.age differ
diff --git a/agenix/hosts/neon/config.nix b/agenix/hosts/neon/config.nix
index 5d188c4..3de8578 100644
--- a/agenix/hosts/neon/config.nix
+++ b/agenix/hosts/neon/config.nix
@@ -8,6 +8,11 @@
       file = ./tailscale/authkey.age;
     };
 
+    controld-config = {
+      file = ./controld/config.age;
+      path = "/var/lib/controld/ctrld.toml";
+    };
+
     forgejo-actions-token = {
       file = ./forgejo-actions/token.age;
     };
diff --git a/agenix/hosts/neon/controld/config.age b/agenix/hosts/neon/controld/config.age
new file mode 100644
index 0000000..92c814b
Binary files /dev/null and b/agenix/hosts/neon/controld/config.age differ
diff --git a/agenix/hosts/neon/deye-mqtt/config.age b/agenix/hosts/neon/deye-mqtt/config.age
index 31e43f7..6c9578e 100644
Binary files a/agenix/hosts/neon/deye-mqtt/config.age and b/agenix/hosts/neon/deye-mqtt/config.age differ
diff --git a/agenix/hosts/neon/forgejo-actions/token.age b/agenix/hosts/neon/forgejo-actions/token.age
index 66963d6..a99108f 100644
--- a/agenix/hosts/neon/forgejo-actions/token.age
+++ b/agenix/hosts/neon/forgejo-actions/token.age
@@ -1,8 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g iPBhMI0tOa0yahpWa+AwEK9d56uBUPER7YCyLQEsSwE
-HktRuvzshZ75SeklGMSMKhWrPisZJj2l5qR/fiVPf1A
--> ssh-ed25519 60lgJw ThmXYdTkvVL7vtVBYuW35Cr9o84yDHUJXTPA2pmzkWE
-dteB7YkYXnPAX0uO8IakGuyNRCiYmxE84DS1KxVMEjQ
---- vrqL+o3G/o9XltkolyxW2/bmdYbG/1IolxDkhFo2Tek
-³¼Ó°Î€¼øœ)A%9%]H
-È!á¬ƒžCóö ¼èóTS£ëAf~K|–!ë'À½¾YÆb‹»¬Ñ²Oðï&øX½«[¼
\ No newline at end of file
+-> ssh-ed25519 MtGp6g 0SpDHrIEct2IP2y3uih/6zIflUcMHQWmOyxTC+zr9jE
+1uS4coo50NdJDnbO1SDjY/usId3trTatdWMwSZVORLk
+-> ssh-ed25519 60lgJw VTh8yqpjdlj8Rbi7opqUUnI40J86KW3Qb11OBQU6qWY
+8ElhS6xwa7mnQlUKbdj9rsjttY6MfyfXljefIILRQwY
+--- DdN/KlzuWoVjYfxyl0GOISwbM4XyWFzQc/iLLh5nTpc
+`ÆÙ£ætOåÿ<Y£|¯µ^!«mHåÅÙ—©Cú6PâœËy5°@D~×®€åàokÛïÊøµ—jž/Œ›ÿ‡âCŠïº…}éÒo
\ No newline at end of file
diff --git a/agenix/hosts/neon/mosquitto/passwordWeewxProxy.age b/agenix/hosts/neon/mosquitto/passwordWeewxProxy.age
index c430f56..171d901 100644
--- a/agenix/hosts/neon/mosquitto/passwordWeewxProxy.age
+++ b/agenix/hosts/neon/mosquitto/passwordWeewxProxy.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g lmMpdnyCRpMHEHdtsbobHDwdmLloqzmnVtWa8MXpDgI
-W5X+T4FSifdhUtqZJfCLZPl9OyEVFavT2Gu/wc8zB+Q
--> ssh-ed25519 60lgJw 5KdxUIiU1FuabCOlYS3vgKs01KG8V+CTw0++syUjojc
-16RHU6meNsOInbTJqRKBPQc6vsYpXjlMFmG4NvnXHyI
---- MMWUvlkrz3GozuUZcPyMInV/3DVZdlH/PfFmWW7t+D4
-*–ïð7Vª¼ëÿCzç:}÷M™ˆ^W[n?r ÛiÁ:VH‡Ž‹÷þ^v®bŠ_V´•,%[AÍnŽ´[£ªk“à>rÍÙÄ³ô¢ÚŽï•)Êºù÷ ¿å_‹_•Âò’ìdZIÌSÆüàB²ñÑÏí±%°”ìûò<ÏPRè8D?º=|“hœ†èL«D
\ No newline at end of file
+-> ssh-ed25519 MtGp6g P/pR7BxsYlzzbx8qdLj87JdT7t+yQs9Ws/s30tb4tUs
+sXfZ+YMoDaabn2ilTBs/1WQlZdjUcR9JmOMS+TN42MU
+-> ssh-ed25519 60lgJw UIvsaU2hMN9m2V7F/DSWWFxVVp3291c+YHPzT4Q2QRY
+U7vqk6Uu/Hs/WXgSA0ocCZBRMguvab3Ih/goUTTdvjU
+--- 9N8KkM6uNaUJuUUR7GkuoJ1oXH1yEMIaqUgIZ8M432c
+ÕQ;Cw%¤ ¨4dq60cêiÃI*èŸ@yå;\ÕðÍ7KÔ¢H$Í1ÿ5Oø+|Ô4˜çt|"‰!?Ð¸"˜Š•ÓOä·ß8ëž·–g{V‘v,IUº!3kÇX6íš§ÄAÚ’ƒ‰å±˜ê‘"¯?øó;rŠ	]×¢‘ÈíáC
\ No newline at end of file
diff --git a/agenix/hosts/neon/tailscale/authkey.age b/agenix/hosts/neon/tailscale/authkey.age
index 5403efa..fffe2db 100644
--- a/agenix/hosts/neon/tailscale/authkey.age
+++ b/agenix/hosts/neon/tailscale/authkey.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g Yjj3Is7pvIjmADdYml9T9cAqrFehxaZNLqnTeygsoR4
-fVM3UJp9X30jm9op5Mf8lY7orr2xgdY2ruOkduZxpTw
--> ssh-ed25519 60lgJw JiT32mwd55t9JJvUvDnfNmdgCReIluuSJ9NRsbyJ8i4
-DInJZIetUuIoDvBgCCHq1mBxrpT+XshL61V0bFznups
---- 1Y0YFM+WYxuHtPpH1bB4X9NLFuuvfktlW7rOnCaAeGQ
-X'ÁB×Lf…Ú¯bÚ,kŠ¨.G;5Ë5„õŸ9À!>ßMÕÅìù"uÑzæ¬«ûa™³ŽlªðôºFxF–ÍøG%ŽÑLGŠ€#ÿZøõw¥F=#!+rGáKâ
\ No newline at end of file
+-> ssh-ed25519 MtGp6g 4NcaIpSB/NuC7ak6Z0p00dcJCf2vk6FBoBPaA5AKJBg
+TgSMmrh/vu2hazlTD3O2GMD9zRxzyKuGRVGCPa8IN90
+-> ssh-ed25519 60lgJw 4xR/yHXjpKe75nrTD+iKlhHq6sdf/mQVZoD7MnHrsiE
+k4aPpXGr8oOvJSN2laDzQmK76zkVghp7+XOvOxdmKsc
+--- cnnWcddEeI3oNQ/Bd1+U+t2j2mkw1j/EHAkgKj75xPc
+’…†,ÆæVÔxÎ£0ù¼ani/K-pSÃöL«D¨6š<Zíß³—Ì£FyrÇ»©Ï³Æ'ðÂm³[ÿ!í¦‰QüÇ~^}¬a¢™ËÆ…@P?k½ËÛz
\ No newline at end of file
diff --git a/agenix/hosts/neon/user/danielPassword.age b/agenix/hosts/neon/user/danielPassword.age
index 8317253..d0df6a9 100644
--- a/agenix/hosts/neon/user/danielPassword.age
+++ b/agenix/hosts/neon/user/danielPassword.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g OES0bc+9FiKC+0Zr3gqRJbYPOa7xyUQxSvP6lxqCqSA
-sJYxWzPKdPdIHx8zdhcSbexhEHg2EQcfQmpD8iW+9i0
--> ssh-ed25519 60lgJw tNnXwS3vtSqssnJTe8s7NSFR97i6We5uXV5gUlRkfEg
-3Vku9TyhFAIcTagF/uyRgfeZ38Gyzr+3PJc/+A6JqS0
---- FalIpSsYo7ckQpWV43EYY8A57Kkpz5zsmLJ+s3SG85U
-ú×'3ô&u¨Ã>ÙòeÓ&åÝùüªzi¬m»Zƒ<œÛ	²f¬`ˆm\¯¯ØPÖ2:êìÔZ0§=V¶×,¦zLyjøÊ¡¹”ÐÜÇ\ýPP„!ZÒÐô.f¥WqªÄ@2kÃžü @“–sS£7{b¬pÁ	@sê‰Z~²ýÌÂ¹eùò”Õ‰
\ No newline at end of file
+-> ssh-ed25519 MtGp6g zaBFISqClcLuQv1/eDY3mb+F+uJ3w8lwGRcniTTEQEo
+C2b2/bDi95N6eZHfMvrHhMjEWDRVvB6oU8bDcIoA8qc
+-> ssh-ed25519 60lgJw i6EbgaucQ7IXMkcPKd3A7OObs1dW4mr37w3qGxF2dzc
+vEbtaukXAYiiv/IRCgz47HEyQAkMz7T50cH+anMgPxY
+--- SNsXB7mP/E1ovTjBlpFDHMmfvBfzr+PlOIPTykqyBxY
+»cÊY©g¡ÝB¦ƒ“gº÷+ÉU14ÁJ%ðH˜6þz<o1<B>Y:ÿ‚rtºED`@¥G`;7Î¥}Ð÷låé–p6™O¼þIíBË6 á¾ÀN†Ã»—ñ;o–°þR’æ.øúi_áÔl»-L1rÂS)ÂQÿ3ÊÝÙ†ŽhõüAu
\ No newline at end of file
diff --git a/agenix/hosts/tanker/acme/credentials.age b/agenix/hosts/tanker/acme/credentials.age
index 27d93e5..ffc19cb 100644
Binary files a/agenix/hosts/tanker/acme/credentials.age and b/agenix/hosts/tanker/acme/credentials.age differ
diff --git a/agenix/hosts/tanker/anonymous-overflow/config.age b/agenix/hosts/tanker/anonymous-overflow/config.age
index c53ba0a..88a215f 100644
Binary files a/agenix/hosts/tanker/anonymous-overflow/config.age and b/agenix/hosts/tanker/anonymous-overflow/config.age differ
diff --git a/agenix/hosts/tanker/atticd/environment.age b/agenix/hosts/tanker/atticd/environment.age
index 30a9bbc..52ae3ba 100644
Binary files a/agenix/hosts/tanker/atticd/environment.age and b/agenix/hosts/tanker/atticd/environment.age differ
diff --git a/agenix/hosts/tanker/fedifetcher/config.age b/agenix/hosts/tanker/fedifetcher/config.age
index 979b4ce..3017236 100644
Binary files a/agenix/hosts/tanker/fedifetcher/config.age and b/agenix/hosts/tanker/fedifetcher/config.age differ
diff --git a/agenix/hosts/tanker/forgejo-actions/token.age b/agenix/hosts/tanker/forgejo-actions/token.age
index 11b205c..6653d6c 100644
Binary files a/agenix/hosts/tanker/forgejo-actions/token.age and b/agenix/hosts/tanker/forgejo-actions/token.age differ
diff --git a/agenix/hosts/tanker/headscale/acls.age b/agenix/hosts/tanker/headscale/acls.age
index d9e2500..727e008 100644
Binary files a/agenix/hosts/tanker/headscale/acls.age and b/agenix/hosts/tanker/headscale/acls.age differ
diff --git a/agenix/hosts/tanker/headscale/dbPassword.age b/agenix/hosts/tanker/headscale/dbPassword.age
index 20af309..d9e7dbf 100644
--- a/agenix/hosts/tanker/headscale/dbPassword.age
+++ b/agenix/hosts/tanker/headscale/dbPassword.age
@@ -1,8 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g jjyJUuIeF4kTlnpxV1UD7/Vf47Rklt8/wDGaXBob1ho
-hmB9I+//919kNrIARykN+fagwpRxHM8sh4lbWlYxy38
--> ssh-ed25519 iO8/4g j87vWpjBLfBaClT/VEsO4BZhqcuh/yCeDw7UNC97bnM
-ZPVNFLEsNC0m3h/gYP1FxpSANbSp7C/Z/q4TJbUl4O0
---- uyI52UkrdqR6ZjPdVTxL3pjI8IWUTu3zXqNKE7l+bFI
-Å»N
-h6®aæf–z—âÄ7RHà?`;¾Á’uûâåW)ûÁ»¼É/‹¢¿Ýí#Œø´¥}nÃh%K
\ No newline at end of file
+-> ssh-ed25519 MtGp6g sSPrz6jGDcXTtpW0BmlZQxJ8luYHn/gFQ+0pVIQF0BQ
+9is8ct/dS+wVNZonIqhJPCqZrx95N02KhXolcv7VIYA
+-> ssh-ed25519 iO8/4g BV8tMkR4BEgxU6o09NOSXjSx/E9a3agZyxXVt98Za28
+yPOq/3wWbC92TykrjY04d3HVT74l7DGbUaCseeas7wk
+--- 6fuEWCylCk9MuvZCQK8fV63cHAvizVdOamzDCqSt1hA
+n~‚S»4ØršøUðy´:­£véˆ_èÁ®,Cö`^¡ò“w]Rxé¯b½ð€‡ZK’9ÜM
\ No newline at end of file
diff --git a/agenix/hosts/tanker/invidious/databasePassword.age b/agenix/hosts/tanker/invidious/databasePassword.age
index 18ce196..22345fe 100644
Binary files a/agenix/hosts/tanker/invidious/databasePassword.age and b/agenix/hosts/tanker/invidious/databasePassword.age differ
diff --git a/agenix/hosts/tanker/invidious/extraSettings.age b/agenix/hosts/tanker/invidious/extraSettings.age
index 18c6bc9..8f2a3c0 100644
Binary files a/agenix/hosts/tanker/invidious/extraSettings.age and b/agenix/hosts/tanker/invidious/extraSettings.age differ
diff --git a/agenix/hosts/tanker/linkding/environment.age b/agenix/hosts/tanker/linkding/environment.age
index 78ef3f2..0320be6 100644
Binary files a/agenix/hosts/tanker/linkding/environment.age and b/agenix/hosts/tanker/linkding/environment.age differ
diff --git a/agenix/hosts/tanker/mastodon/databasePassword.age b/agenix/hosts/tanker/mastodon/databasePassword.age
index 24220cf..e012ff2 100644
--- a/agenix/hosts/tanker/mastodon/databasePassword.age
+++ b/agenix/hosts/tanker/mastodon/databasePassword.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g 3aSggyvFMN8aqkqekdzmKDjLZZZCXGlAyDY7QgdZ10c
-CvpC6ddlq1cFixaT2YIUWGRs7FwjUTc/FHpVD1U+xoM
--> ssh-ed25519 iO8/4g xvYTjf6wC9GkzcAwIpzrt76TlyC5FjzuOL7bQ0pBZ3E
-krlcA7fsAfTf7IvLmZnWe9OOtevtqBMLQ3BhapusLu0
---- lUsLtpAmkNnCBYN4DW7Ovv5WatY77bxU8WzFxrDUT0k
-†ýÄôÌÞ­Ö%ÕFªFó‹˜ÄÜìúÜ‘9Ç¹¾Vàƒ4ÐX£&Àðk´C	žÈ
\ No newline at end of file
+-> ssh-ed25519 MtGp6g Tolhog6FRxvpRD9gALDfnoY6F6rjnCJzBE6fE48v/3E
+CXz3Zou6kiCAag9/eHZTtgNtuj5PpCjpxpfeOS48/KI
+-> ssh-ed25519 iO8/4g +sY39ypBIOi+62G0ONUb42wnmw4jP5qqix6TDDRuyw4
+LzzxdXntTvZrZ2/5IR383cQtyd2siSGxupLCF2HTHHA
+--- vtCHiQSA5lcRT+QYK0NN4y8rrB3pwstK3MmZMuy5nwM
+ ú‡¢7_},Ã=ï4z‡ý6Íª+^iû!4jb=Òþ@O°7F"à¥çqÙ¾oõªïú
\ No newline at end of file
diff --git a/agenix/hosts/tanker/mastodon/extraConfig.age b/agenix/hosts/tanker/mastodon/extraConfig.age
index f5b9a5e..0eaba29 100644
Binary files a/agenix/hosts/tanker/mastodon/extraConfig.age and b/agenix/hosts/tanker/mastodon/extraConfig.age differ
diff --git a/agenix/hosts/tanker/mastodon/otpSecret.age b/agenix/hosts/tanker/mastodon/otpSecret.age
index 6593b10..a6b591b 100644
Binary files a/agenix/hosts/tanker/mastodon/otpSecret.age and b/agenix/hosts/tanker/mastodon/otpSecret.age differ
diff --git a/agenix/hosts/tanker/mastodon/secretKeyBase.age b/agenix/hosts/tanker/mastodon/secretKeyBase.age
index 0b12bc4..d661fa3 100644
--- a/agenix/hosts/tanker/mastodon/secretKeyBase.age
+++ b/agenix/hosts/tanker/mastodon/secretKeyBase.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g 93q5ZFFGPdXx7WNOKTb4hkowNMgkSPKQHBgLJlhWzmI
-JftX5B3KbeY9s+i9knW2342VrOdxV2R0Mdjsb+p0bUk
--> ssh-ed25519 iO8/4g WsODmvvePjjeGYtH7+jxhVs4LXOh2LhcITfHFjfJvh8
-J+K3VlaU2EesG1qwyugB+iX3DTfOQm628pnL6rEBWSI
---- kTfUi7TPuMQ19ScUGDf4kC0+MxJ/uRoHNBaqLgTbUS4
-‘Ú2D½™Å‰ry€SáŠ¹³`+çC×io<ðœÅ‚v¬ÊÞŽ’ÄfÙ;apð2>UWclàÁÖ|xÀõ&uýæÅÄ˜/Hà_W˜Ó¦9ðëv¼ÀªXQÛ«3,tfO^Ö­è]€×àoÏ\•SÅj¹¸C÷S1C8Ÿ$ÅŠ¹äÌnJãB\“zqê×Ù­”ŽÙu¨?Ô›#OÞzî©ê	”
\ No newline at end of file
+-> ssh-ed25519 MtGp6g jaVroUU31NGKebNI3Z3vCY8M/1OVOFx42yLHZtZHhAk
+4kbdiBQODlCc5SK1cVpZ3D6+U653AUriptyxUiXkcnQ
+-> ssh-ed25519 iO8/4g rgHTCPQY/bVcKgPs2O+h5hR2qZqI8ZsMlNDczuIXBBA
+YQ2Nfi9N8Uf1fFjmp2YuC4u8Xt7Y9BuSvG9GvHrFXYM
+--- OHMVVHKUxtE3kT4f8obDNIV5EwXj1SYfOeUhrsEVUS4
+—?ÇKXâY6ŠcŸ‰MÒ¤/«ô:…gñûrä­‡­²%FAñàT:ž9ŒáÜàAøÁÀÎÆ6ÄÇ‡âªÛa eõžœ{ªÛcDd¢3Œã0á+)ÑâÉ‘kðð¹Æw¤HþÌú?0ô¦--Ø—ÚüIP¿(€¼ä5¶êÜ‹‹ó‹Í~`»íƒkeGÌ§(TOOSðOziï†ˆïãäÙ?Ý
\ No newline at end of file
diff --git a/agenix/hosts/tanker/mastodon/smtpPassword.age b/agenix/hosts/tanker/mastodon/smtpPassword.age
index 0cf0bcb..80c6c67 100644
--- a/agenix/hosts/tanker/mastodon/smtpPassword.age
+++ b/agenix/hosts/tanker/mastodon/smtpPassword.age
@@ -1,7 +1,8 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g S59+7nBcwUqmONsoZVdj38AMFzUSBPIKlU/6BQCFbW0
-EpOmNgPcTvCBcCPM2ZdWKFASdyhPXrqc0xKxLzq1Lkg
--> ssh-ed25519 iO8/4g KHUD8PEe1p1AvLnCPivlZXo31kxEd0kKKI0mH2s7aRk
-UYzLkfqxjfaAabMjvkqsQWTkpcxtW3X8cdPN7gg99oE
---- q/zcloAH4/+9eUCVyn4v0+nH+lBiWRJE6A5IVB+vdNY
-qp¾¢°#há;ðÃ"íþ|õôšÎw Î5Ù-&°J÷!¢RØSª¦—¢Ýf:ÖTðÁŽZ·bˆ0­DK>9÷«Ët9ýr©Fu¸r#'\¾
\ No newline at end of file
+-> ssh-ed25519 MtGp6g BsPbHvr/DUsmpRHWdzq0XjNlIIW3d2H6zcnwYPiKZCc
+jGCdAtouZ2XwH+vjBEd7X9LGca3yX3niwrONosmXJAw
+-> ssh-ed25519 iO8/4g 42C2Q3Jr0KmxzNIOGJ05Tw5OfdgXD2J1O/cUb9K4NQU
+q11JZaiMIbvBWKsSPgM9Kxp7XFC7uu5r7i38zwLX1zo
+--- +otr4g+Ghtg3/uNzG7WLC8KwbjUje4xAmMuTQw2LBp4
+÷Äó‰çi|–×¨oÑE}òÐÂÿ>UD¿‰Î¾–VI½
+ÕÉ|O~ƒ«éŒÕ#‘©º°º	Ec sŽ`ïƒî”‘’ð²}ïŸ=¶ÏÍkA½ªõ
\ No newline at end of file
diff --git a/agenix/hosts/tanker/mastodon/vapidPrivateKey.age b/agenix/hosts/tanker/mastodon/vapidPrivateKey.age
index 8ece4be..5d3575a 100644
--- a/agenix/hosts/tanker/mastodon/vapidPrivateKey.age
+++ b/agenix/hosts/tanker/mastodon/vapidPrivateKey.age
@@ -1,7 +1,8 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g 6l7ucBDt2QaSxP7T1W0Jn+SOzA9vxXqWhn7ZohjRyWQ
-4msxRKtsZocw++f6aZ2Cm2UrpMqMYg5cvr30ftATWYM
--> ssh-ed25519 iO8/4g 608PBe4+GKnCYRRBpQsPJ76d7RYm9bTutdBnHpMMFFk
-Jo8oJnL1HOKCKJT+HJ2XEwMzFXuhmqe3AoBdV602emM
---- 3GgleiDXwamkb9QrotzMuLzr3MZeJ0BEvCY2LenNQOg
-+xC‘Ï•ûäŒ‡ñì!÷¼6Ù®X^¸LO‹ð"´‡añÍ·Ò“o5˜´œ6«W»u¿ôpãµÉÎqÄ[qN¹ò;œå¢§ð
\ No newline at end of file
+-> ssh-ed25519 MtGp6g rnlYnWy9ebJH15Eq9uz1VN/YH0xjjoEdmWBRZotlDTg
+qfLmixiKSZQUyODog4zHNa2Yx5CrZJSGQsk4LR/mrcw
+-> ssh-ed25519 iO8/4g 8ibZ80NTd5dNbWmHvv2pVH9wzq7Swphnf1jy6V8ozT8
+0rPOKcpOwHOgE0dWVjF7SGqE2t8FVJIhe2IA5pV9QUA
+--- BgmQwe/+IlY6Ve74IsQt7+GmZfR2j7Eo7pi+Yi/zsDM
+?æ
+™:	Î¾:‰‘/ûUŽ,à‘ã_¼ù¥`¬Gˆv’þ÷ï»(,_*5¯§ÅÀ’K‹ð^z¢øñaè®«H {,×RÄÏ.!m]®¢
\ No newline at end of file
diff --git a/agenix/hosts/tanker/mastodon/vapidPublicKey.age b/agenix/hosts/tanker/mastodon/vapidPublicKey.age
index e1569d9..e43ef22 100644
Binary files a/agenix/hosts/tanker/mastodon/vapidPublicKey.age and b/agenix/hosts/tanker/mastodon/vapidPublicKey.age differ
diff --git a/agenix/hosts/tanker/mautrix-signal/config.age b/agenix/hosts/tanker/mautrix-signal/config.age
index bc2e1f4..aaa4c30 100644
Binary files a/agenix/hosts/tanker/mautrix-signal/config.age and b/agenix/hosts/tanker/mautrix-signal/config.age differ
diff --git a/agenix/hosts/tanker/mautrix-whatsapp/config.age b/agenix/hosts/tanker/mautrix-whatsapp/config.age
index ad3c18c..2e46620 100644
Binary files a/agenix/hosts/tanker/mautrix-whatsapp/config.age and b/agenix/hosts/tanker/mautrix-whatsapp/config.age differ
diff --git a/agenix/hosts/tanker/miniflux/credentials.age b/agenix/hosts/tanker/miniflux/credentials.age
index 5e9d358..13b14ec 100644
--- a/agenix/hosts/tanker/miniflux/credentials.age
+++ b/agenix/hosts/tanker/miniflux/credentials.age
@@ -1,8 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g oZsl3PPvlAorrBUF/NTOMyh2KHVwKiECN0v/JkKjtC4
-d0dUtH3ccmUGKGasnJmgNPGgRX+m7ay2SZyTQmQnS9Q
--> ssh-ed25519 iO8/4g tLneEy5uxLTSQN7QfJg9qv4xlXnpvMlMOSJ5kVUDYx8
-AbC1zlEyHU6Ksv7UyBo0B/QDqtZndiQ9hoJqk8CHOmI
---- CC1Q4O2318hUxt3uyHomz7gtzob5VE3APnNP/or274Y
-g±X†fŽÉN"“ð$‚/`®³·Ñ
-eP$j ‘M!‚$+üEPŸÙ‚ nÐÄà"¸Çõ!Å-âµD0‡™ì	>ÿ"$¯i>ø2Ê;‚ô®Ÿ&¶væjÃ ì™gé6¹$Eš–»
\ No newline at end of file
+-> ssh-ed25519 MtGp6g Po2JB3/ywvPePbEg4dGQx63n0PIqwOGwXyBofzFph18
+Wm9aEV35tmtXmet8itlpB48KfrAdp3fiNVH2qAlc3oQ
+-> ssh-ed25519 iO8/4g MDzT1+ibfKNZ6Nwluq/6lXyrEOG3BhQncnXG2A/XtwE
+sbKwj57VCubv/kRYWMHqyPg+MXlLctymoO0GXEbHwt4
+--- 5XFypumQeXZ56l7ccbem29gHv8Ia6c+C3vtpggDhh/Y
+&%ÛÒy™'‰¨xÍ±ø= E„f4†×¹~áÔ¼™WÄ†öÁ­m¼E¾O/óÏ_æ_Ý+üNTœžËñ}Œù–!@$²zQÒ7úÊTcçý<†è½ÔÑ2_¡Äè–ä8v2Y&D”$/
\ No newline at end of file
diff --git a/agenix/hosts/tanker/mosquitto/passwordWeewx.age b/agenix/hosts/tanker/mosquitto/passwordWeewx.age
index 27bee40..c58efe2 100644
Binary files a/agenix/hosts/tanker/mosquitto/passwordWeewx.age and b/agenix/hosts/tanker/mosquitto/passwordWeewx.age differ
diff --git a/agenix/hosts/tanker/mosquitto/passwordWeewxProxy.age b/agenix/hosts/tanker/mosquitto/passwordWeewxProxy.age
index acc9534..e0dfce8 100644
--- a/agenix/hosts/tanker/mosquitto/passwordWeewxProxy.age
+++ b/agenix/hosts/tanker/mosquitto/passwordWeewxProxy.age
@@ -1,8 +1,8 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g qq19PBr7tgpasCQQi8nSyV+3VShgoOkAwVRobYFkeDE
-euICZSoSET5kikwN2JMkD6l5w26CPBoxTv+R7Uqkm7Y
--> ssh-ed25519 iO8/4g Qs98juX0VMLd4qeUZDlgx3KT8hkE/ksNNWQnEFBiJF0
-NaxDEXUo5F3Es59BCVUn5Qx7pxPDyQYTiggVGbTggI4
---- LBAROexrrljIl9DHzIWLhB373SqiQVqr46/otLElagU
-ÈS}£ÓŸßõ¨}5”Þ
-LçR”X1x¼T® ÔäÝ”G„›k(E¦ÖÑãu±áî¯t÷´ÚÿW¼»cj2õGˆ³üàÏöA%zò™Ž¡gðÜ(¶ ’ƒÔTM´æÑ÷Ã¡_ë3åÛžŒ)Q¹ë½µ™3ûã0¾4#8é¹ç°Fr›|¤e	èºÁìñPÅ
\ No newline at end of file
+-> ssh-ed25519 MtGp6g st5isrw0b9Ev3+B0Zi50vkzAX+otZOf7XS/Lw/Kzq3w
+XhPB68qMaou3Gy6nwq5t8g/JqJoDLlw7fktLBOWTKXU
+-> ssh-ed25519 iO8/4g z6CD3bE7up8JpdC26javMn4ik6IhUHMSmei2CbxO3Gk
+c7gGLNMBQ5i9S4/ePz+SIm1C7NCmRu1Ru+2C08NsAYU
+--- TgWpTD2M5iJw0qeAhIeO9I77JNPYKzMDj8yo+lrXL9g
+2ÛT4Ÿäüi¬'²É«1ëD·–ÛÔ„)ZUˆRbFÈž¿èÛx_è”j¸ÉG"gƒ9žæŠà)ï[	çB_ŽUuËîÜjBL`PbïQI¯Ö£9º½ãõýœÏAðÖñ Iý—3c9}§çl7×3$“d$Ì}xäÁmGÒ
+c5ûW¶wœ½
\ No newline at end of file
diff --git a/agenix/hosts/tanker/msmtp/password.age b/agenix/hosts/tanker/msmtp/password.age
index 7ea8705..e18072f 100644
--- a/agenix/hosts/tanker/msmtp/password.age
+++ b/agenix/hosts/tanker/msmtp/password.age
@@ -1,8 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g 9Pz3m08c3BUg8h+avLzN/A6T21ZjW5WJBjL7GFDBSX8
-SjuwIJLJoW11NpbHbZ9Le8KasiHXJx+VrylsxEys5AE
--> ssh-ed25519 iO8/4g fpMU+i751dqWlOWIuXM59bXWlK+inW+oiAChdZ3S0kg
-PdaffaIeozO5gkwkZ10+TP8QO8+a4OgVQe3dDY7H/Ng
---- 69RuAcJ8zaLpDx0zNXQ/U7xxlVcc9GzgTvASVBMgg98
-ŸzÓ;@f·óß»0—Ÿ`>#j¬ïš|CÉY–!ºw„?­“Fñ½Å[%Ÿd>¹]â
-*)•s£ t`ß]Ï‰x±}žmG‹‰5è‘M´
\ No newline at end of file
+-> ssh-ed25519 MtGp6g SZU0PkBYXzSMsrN9Pl4UGgIsZJdV/YkavluXrG9ZtAU
+XA9SVqNhwGGAZgpKdN9SlIGx+0N2znIu6Kum5vM6ClY
+-> ssh-ed25519 iO8/4g Eb/c+oIhh592be+BfzfYDdd5LjsJVc4zpN9ygCjQMQM
+p6KBOQ4P3PPCyKZRVoLCaEZULemAqTzafqCFk3d4pTI
+--- ysLTwLYlT5Av2g7uYikqwLvU8GF1sy+JUP5hpzHMzaI
+È}|è‹DñpíÎ«K…è´g ¢Pˆ)Jê%‡==4vCBëÓÔ×[$÷I<·pŽ‡")6ž «5t„Z®ÕLT¬f¹^–½qXFA6
\ No newline at end of file
diff --git a/agenix/hosts/tanker/proxitok/environment.age b/agenix/hosts/tanker/proxitok/environment.age
index 4966f57..28287b3 100644
Binary files a/agenix/hosts/tanker/proxitok/environment.age and b/agenix/hosts/tanker/proxitok/environment.age differ
diff --git a/agenix/hosts/tanker/synapse/extraConfig.age b/agenix/hosts/tanker/synapse/extraConfig.age
index 01455f6..22e4df5 100644
Binary files a/agenix/hosts/tanker/synapse/extraConfig.age and b/agenix/hosts/tanker/synapse/extraConfig.age differ
diff --git a/agenix/hosts/tanker/synapse/slidingSyncConfig.age b/agenix/hosts/tanker/synapse/slidingSyncConfig.age
index 9ff30aa..ea0dab1 100644
--- a/agenix/hosts/tanker/synapse/slidingSyncConfig.age
+++ b/agenix/hosts/tanker/synapse/slidingSyncConfig.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g IvxSpUKtTuZH2IaJu7lyzYj5CKbGdrpbJys/ycL4+Q0
-rI//+Mq9R/wu/kel9QIXqTzqf/OHYP/GoSVfbA1aaMA
--> ssh-ed25519 iO8/4g nzawzM0ENbMVQt+WU+gCGWAHJ0PxeUSOtOckZ6LwnAw
-JxeYgKyFuIfDGiAEpzRpnZtLcdRfFkcoCSR5UYBkopQ
---- vMzq4rKzuNP7RPYDzUwMW0ndPi2kfuU/7HS1XDZFA4M
-^²? _ž4ACðRüÉ„ô=Xc¿‡G#üØÀ%çè"6ûöhQ±½Ùs!iÿäµ6ýôÌ±ÐäÀpö4éAœÄTN³u?—¸‡8zÌÆ6>ö‚ýÝ˜j%Ð‹ÍìêZÛŽß9‚Å²”P!°–µQ
\ No newline at end of file
+-> ssh-ed25519 MtGp6g YgFgAfWmCNZOSvchBNtzWVJ12hOy4cz+cf2USX5G1nU
+q34B1mmikgsEvjQCABO1p8zQmPs8G8C4jntGR3R6kBk
+-> ssh-ed25519 iO8/4g joeMwo/GcL2nzC2q6mHJlUF3lOOETfquZctJxgODO2c
+2LyqGNfFiLURJeVfP94VKejXjTlamzR95cp8mPZr/Ls
+--- L6JZkciLimJgEXsv5kZWZD0q0wvCjXH4C9AIx4/bNO8
+AÔ1mº~K=v,v’ÎéI°G¡”c)TWùâxwÏö!•ëW/Y{³˜°ÂóhÝí/C“ãAâËês3µœ†ÛodÏÑ¸?	ôç¬ô’DŠ¦=•ìuà!uÑNŒØ<Kº•x0÷{KuÈ
\ No newline at end of file
diff --git a/agenix/hosts/tanker/tailscale/authkey.age b/agenix/hosts/tanker/tailscale/authkey.age
index 87827a6..d7a3377 100644
Binary files a/agenix/hosts/tanker/tailscale/authkey.age and b/agenix/hosts/tanker/tailscale/authkey.age differ
diff --git a/agenix/hosts/tanker/user/danielPassword.age b/agenix/hosts/tanker/user/danielPassword.age
index f0cd58d..8350d3c 100644
--- a/agenix/hosts/tanker/user/danielPassword.age
+++ b/agenix/hosts/tanker/user/danielPassword.age
@@ -1,8 +1,9 @@
 age-encryption.org/v1
--> ssh-ed25519 MtGp6g 33cTkM+eMLqkyQxguLyXL5GFbj5mjGIgf5RpzvEmiww
-YrpHiYXfRe4o30/TOUG/apUJKYixkCHAxB7lm0SIrFc
--> ssh-ed25519 iO8/4g TUm//OLby0a96Lg73WOY+wYKJnQWPW+/kzCLoglO1F8
-mv37N2N/hh4dl8z78faQcEoeBDlCMTGqliK2s9PNKv0
---- rsMX+MSTADIW54Zf5F8BzMHz/xsloZtuW+Osh77WaX4
-xî¼å^'æâqÏŠ8h?‡fSÏÐwùoF¹t}uw£@Å[ŽçtÂâº%¤K‹,"’6~6KáÁïw·ä¹³€¯@†BNíW^q,¸Å%Û6¢o ›ˆJYb(¨oËª&-È
-g\5¯ ;™¤€Ó=^$Ø?<—ò~öVå
\ No newline at end of file
+-> ssh-ed25519 MtGp6g ib+7tvC/Q/xGXm2u/tJinm3X20jyd8n3kDIH3cOigV4
+5nldpotX/SrGaycKzIpd3nkWU5TQdjH81bj3lq22TEs
+-> ssh-ed25519 iO8/4g /BiZHsIXBkhNnEEB3mVrs8Z1QnZtu7vHhFJZWqX0TWI
+y+CRATwv6GjQn9M3l5rC/I+N5rADI7o2ILMstomWE8c
+--- j8vYz1+/o5NSfpvFGSBM8OkZPbeI+rmUZewdFAjUO0w
+Â'µó‹¥á·“VÏ‘_ëS§.uº
+´Ãè]¿zîÒ‚	PÞ¾%L
+-†B¨Mÿ¶`ý±ÐÞHæÔ¿DqPà›|2&ùj¢èV?‰EÃËÌIâ´Ý€—~ÇtzT‹³g‚@·6ÀÄì6tË¶ÇYêQÈhÜa‘Â/ŸwÚ2IEéú¢¡
\ No newline at end of file
diff --git a/agenix/hosts/tanker/weewx/config.age b/agenix/hosts/tanker/weewx/config.age
index 0aa81c6..601b4f6 100644
Binary files a/agenix/hosts/tanker/weewx/config.age and b/agenix/hosts/tanker/weewx/config.age differ
diff --git a/agenix/hosts/tanker/weewx/skin.age b/agenix/hosts/tanker/weewx/skin.age
index 69edd37..ce68980 100644
Binary files a/agenix/hosts/tanker/weewx/skin.age and b/agenix/hosts/tanker/weewx/skin.age differ
diff --git a/flake.lock b/flake.lock
index e8daf5d..854ccb7 100644
--- a/flake.lock
+++ b/flake.lock
@@ -372,11 +372,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1721996913,
-        "narHash": "sha256-eqbhEBObarS6WsI0J1PVACQ8fXeq9OmSS0+iXBegoOI=",
+        "lastModified": 1722067813,
+        "narHash": "sha256-nxpzoKXwn+8RsxpxwD86mtEscOMw64ZD/vGSNWzGMlA=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "bc2b96acda50229bc99925dde5c8e561e90b0b00",
+        "rev": "975b83ca560d17db51a66cb2b0dc0e44213eab27",
         "type": "github"
       },
       "original": {
@@ -549,11 +549,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1722019215,
-        "narHash": "sha256-69inO5HaszNGps14VWQerwf2gxLwPC3KaDRgfmO7E2c=",
+        "lastModified": 1722061360,
+        "narHash": "sha256-1VVW4OOrpyKohagGDfaHAbRANad+OE+PnR4PDvF8vSU=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "816155d48f918b88cc96ae990d8e1ccafb76fc15",
+        "rev": "4a39c8d0b533fd8347bf7a01609434b0949f2864",
         "type": "github"
       },
       "original": {
diff --git a/secrets.nix b/secrets.nix
index c32e0d6..fda8f1e 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -107,6 +107,8 @@ in
 
   "agenix/hosts/neon/tailscale/authkey.age".publicKeys = neon;
 
+  "agenix/hosts/neon/controld/config.age".publicKeys = neon;
+
   "agenix/hosts/neon/forgejo-actions/token.age".publicKeys = neon;
 
   "agenix/hosts/neon/mosquitto/passwordWeewxProxy.age".publicKeys = neon;
diff --git a/system/hosts/neon.nix b/system/hosts/neon.nix
index b32cee9..e1703e5 100644
--- a/system/hosts/neon.nix
+++ b/system/hosts/neon.nix
@@ -19,6 +19,8 @@ in
 
     ../nixos/chrony.nix
 
+    (import ../nixos/controld.nix (args // { podmanDNS = true; }))
+
     (import ../nixos/forgejo-runner.nix (args // { inherit secret; name = "neon"; tag = "ubuntu-latest-arm64"; nixTag = "arm64"; }))
 
     ../nixos/mosquitto.nix
@@ -26,6 +28,9 @@ in
     ../nixos/rtl_433.nix
 
     ../nixos/tailscale-router.nix
+    ../nixos/tailscale-nodns.nix
+
+    ../nixos/unbound.nix
 
     ../nixos/container.nix
     ../../container/deye
diff --git a/system/nixos/controld.nix b/system/nixos/controld.nix
new file mode 100644
index 0000000..aeb2f85
--- /dev/null
+++ b/system/nixos/controld.nix
@@ -0,0 +1,44 @@
+{ pkgs, config, lib, podmanDNS, ... }:
+
+{
+  systemd = {
+    services.controld = {
+      description = "Control D DNS/53 to DoH Proxy";
+      startLimitIntervalSec = 5;
+      startLimitBurst = 10;
+      serviceConfig = {
+        ExecStart = "${pkgs.controld}/bin/ctrld run -vvvv";
+        WorkingDirectory = "/var/lib/controld";
+        RestartSec = 120;
+        LimitMEMLOCK = "infinity";
+      };
+      after = [ "network.target" ];
+      before = [ "nss-lookup.target" ];
+      wants = [ "nss-lookup.target" ];
+      wantedBy = [ "multi-user.target" ];
+      restartTriggers = [ "${config.age.secrets.controld-config.file}" ];
+    };
+
+    tmpfiles.rules = [
+      "d /var/lib/controld 0750 root root"
+    ];
+  };
+
+  networking.firewall.interfaces =
+    let
+      interfaces = lib.mapAttrsToList (_: lib.attrsets.attrByPath [ "matchConfig" "Name" ] null) config.systemd.network.networks ++ [ "tailscale0" ];
+    in
+    builtins.listToAttrs
+      (builtins.map
+        (iface:
+          {
+            name = iface;
+            value = {
+              allowedTCPPorts = [ 53 5353 ];
+              allowedUDPPorts = [ 53 5353 ];
+            };
+          })
+        (builtins.filter builtins.isString interfaces));
+
+  virtualisation.podman.defaultNetwork.settings.dns_enabled = lib.mkForce podmanDNS;
+}