diff --git a/flake.lock b/flake.lock index 257001c..fa226b5 100644 --- a/flake.lock +++ b/flake.lock @@ -54,16 +54,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1635844945, - "narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=", + "lastModified": 1636623366, + "narHash": "sha256-jOQMlv9qFSj0U66HB+ujZoapty0UbewmSNbX8+3ujUQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649", + "rev": "c5ed8beb478a8ca035f033f659b60c89500a3034", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 8af8313..e53e439 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Delft Deployment"; inputs.deploy-rs.url = "github:serokell/deploy-rs"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/master"; outputs = { self, nixpkgs, deploy-rs }: { nixosConfigurations.bastion = nixpkgs.lib.nixosSystem { diff --git a/hosts/consul/configuration.nix b/hosts/consul/configuration.nix index 7373578..28e3e5d 100644 --- a/hosts/consul/configuration.nix +++ b/hosts/consul/configuration.nix @@ -11,7 +11,7 @@ ../../common ]; - networking.hostName = "vault"; + networking.hostName = "consul"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -24,18 +24,5 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - # Vault - networking.firewall.allowedTCPPorts = [ 8200 ]; - - services.vault = { - enable = true; - # bin version includes the UI - package = pkgs.vault-bin; - address = "0.0.0.0:8200"; - storageBackend = "file"; - storagePath = "/var/lib/vault"; - extraConfig = '' - ui = true - ''; - }; + networking.firewall.allowedTCPPorts = [ ]; } diff --git a/hosts/nginx/configuration.nix b/hosts/nginx/configuration.nix index 56edd74..fa0de25 100644 
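Review bot: The `inputs.nixpkgs.url` line in flake.nix now follows `master` with nothing recording why, and `master` is the branch that has not yet passed the channel test jobs gating `nixos-unstable`. flake.lock still pins an exact rev, so a given build stays reproducible, but every later `nix flake update` will move the systems built from this input to an ungated commit, probably with fewer binary-cache hits. If the switch is for one specific fix, add a comment above the input such as `# TODO: return to nixos-unstable once <fix> reaches the channel`. Alternatively, keep the default on nixos-unstable and take only the needed package from a second input.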
--- a/hosts/nginx/configuration.nix +++ b/hosts/nginx/configuration.nix @@ -48,6 +48,15 @@ in { }; }; + virtualHosts."zookeeper-dev.0x76.dev" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.42.43.28:8085/"; + proxyWebsockets = true; + }; + }; + # Kubernetes endpoints virtualHosts."0x76.dev" = k8s_proxy; virtualHosts."zookeeper.0x76.dev" = k8s_proxy; diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix index 28e3e5d..7373578 100644 --- a/hosts/vault/configuration.nix +++ b/hosts/vault/configuration.nix @@ -11,7 +11,7 @@ ../../common ]; - networking.hostName = "consul"; + networking.hostName = "vault"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -24,5 +24,18 @@ # Additional packages environment.systemPackages = with pkgs; [ ]; - networking.firewall.allowedTCPPorts = [ ]; + # Vault + networking.firewall.allowedTCPPorts = [ 8200 ]; + + services.vault = { + enable = true; + # bin version includes the UI + package = pkgs.vault-bin; + address = "0.0.0.0:8200"; + storageBackend = "file"; + storagePath = "/var/lib/vault"; + extraConfig = '' + ui = true + ''; + }; }
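Review bot: The new `zookeeper-dev.0x76.dev` vhost in hosts/nginx/configuration.nix publishes a development backend with no access restriction in the block: `locations."/"` forwards every request, websockets included, to `http://10.42.43.28:8085/`. Whether the service behind it authenticates callers is not visible here; if it does not, add `basicAuthFile = <path to htpasswd file>;` to the vhost or an `allow`/`deny` pair in the location's `extraConfig`. The upstream address is also a bare literal, and a binding next to `k8s_proxy` (presumably defined in the `let` above) would keep it in one place. The enclosing attribute set starts outside the hunk.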
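Review bot: In hosts/vault/configuration.nix, Vault is bound to `0.0.0.0:8200` and the firewall opens 8200, but the hunk sets neither `tlsCertFile` nor `tlsKeyFile` on `services.vault`. As far as I recall the NixOS module disables TLS on the listener when those are unset, so tokens and secrets would cross the network in cleartext unless something outside this file terminates TLS. Set `tlsCertFile = <path to certificate>;` and `tlsKeyFile = <path to key>;`, or limit 8200 to the one host that fronts Vault rather than opening it in `allowedTCPPorts`. `storageBackend = "file"` keeps the whole store under `/var/lib/vault` on this machine, so a comment saying how that path is backed up would help. The module's attribute set starts outside the hunk.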