diff --git a/flake.nix b/flake.nix index e9983bc..a2f0d1f 100644 --- a/flake.nix +++ b/flake.nix @@ -95,6 +95,7 @@ # This only support bash so just execute zsh in bash as a workaround :/ shellHook = "zsh; exit $?"; buildInputs = with pkgs; [ + colmena.packages.x86_64-linux.colmena fluxcd k9s kubectl @@ -103,8 +104,8 @@ nixfmt nixUnstable vault - (vault-push-approle-envs self) - (vault-push-approle-approles self) + # (vault-push-approle-envs self) + # (vault-push-approle-approles self) ]; }; }; diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 21b81a5..7173acc 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,15 +1,15 @@ -{ config, pkgs, hosts, ... }: +{ config, pkgs, hosts, flat_hosts, ... }: let - inherit (builtins) filter hasAttr; - localdomain = "olympus"; - # TODO: use location attr in hosts - hosts' = hosts.${localdomain}; + inherit (builtins) filter hasAttr attrNames; + hosts' = flat_hosts; + domains = attrNames hosts; + ipv6Hosts = filter (hasAttr "ip6") hosts'; - localData = { hostname, ip, ... }: ''"${hostname}.${localdomain}. A ${ip}"''; - local6Data = { hostname, ip6, ... }: ''"${hostname}.${localdomain}. AAAA ${ip6}"''; - ptrData = { hostname, ip, ... }: ''"${ip} ${hostname}.${localdomain}"''; - ptr6Data = { hostname, ip6, ... }: ''"${ip6} ${hostname}.${localdomain}"''; + localData = { hostname, location, ip, ... }: ''"${hostname}.${location}. A ${ip}"''; + local6Data = { hostname, location, ip6, ... }: ''"${hostname}.${location}. AAAA ${ip6}"''; + ptrData = { hostname, location, ip, ... }: ''"${ip} ${hostname}.${location}"''; + ptr6Data = { hostname, location, ip6, ... }: ''"${ip6} ${hostname}.${location}"''; in { imports = [ ]; 
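Review bot: The added `colmena.packages.x86_64-linux.colmena` entry hard-codes the system, so the dev shell breaks or pulls the wrong build on any other platform; `colmena.packages.${pkgs.stdenv.hostPlatform.system}.colmena` keeps it in step with `pkgs`. Colmena is the tool that pushes configuration to the hosts, so the revision it is built from matters. The `colmena` input declaration and its `flake.lock` entry are outside this hunk and should pin a reviewed revision. The `buildInputs` list itself also starts outside the hunk.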
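Review bot: The two `vault-push-approle-*` helpers are commented out in `buildInputs` with no reason given, which leaves dead code that nobody will know when to restore. Either delete the lines or state why they are disabled, e.g. `# disabled: <reason>; re-enable when <condition>`. If the AppRole material is now pushed to Vault some other way (not visible in this diff), a pointer to that path would help whoever next has to rotate it.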
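Review bot: Records are now named from each host's `location` while the zone list comes from `domains = attrNames hosts;`, and nothing in the `let` block ties the two together. If a host in `flat_hosts` carries a `location` that is not a top-level key of `hosts`, its A/AAAA/PTR data is emitted under a name with no matching `local-zone` entry. How `flat_hosts` is built is not visible here, so this may already hold by construction; if not, derive the list from the records with `domains = pkgs.lib.unique (map (h: h.location) hosts');` or add an assertion. A short comment stating that every `flat_hosts` entry must have `hostname`, `location` and `ip` would also help, since a missing attribute now aborts evaluation of the whole resolver config.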
@@ -37,7 +37,7 @@ in {
 interface-automatic = "yes";
 interface = [ "0.0.0.0" "::0" ];
- local-zone = ''"${localdomain}." transparent'';
+ local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains;
 local-data = (map localData hosts') ++ (map local6Data ipv6Hosts);
 local-data-ptr = (map ptrData hosts') ++ (map ptr6Data ipv6Hosts);
@@ -46,6 +46,7 @@ in {
 "::1 allow_snoop"
 "10.42.0.0/16 allow"
 "127.0.0.0/8 allow"
+ "192.168.0.0/23 allow"
 "192.168.2.0/24 allow"
 "::1/128 allow"
 ];
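Review bot: The new `local-zone` line has a stray closing brace: `''"${localdomain}}." transparent''` renders, for a domain such as `olympus`, as `"olympus}." transparent`, so every generated zone name ends in `}`. Depending on how Unbound parses that, it will either reject the name or declare zones that match none of the `local-data` records. The line should read `local-zone = map (localdomain: ''"${localdomain}." transparent'') domains;`. Running `unbound-checkconf` on the generated file in CI would catch this class of typo before it reaches the resolver.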
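Review bot: The added `"192.168.0.0/23 allow"` entry opens recursion to 192.168.0.0–192.168.1.255 with no comment saying which network that is. The resolver listens on `0.0.0.0` and `::0` (previous hunk), so this list is what keeps it from answering arbitrary clients, and 192.168.0.x/192.168.1.x are common default ranges on consumer routers and VPN peers. Add a comment such as `# <site/VLAN name>: <who resolves from here>` above the entry, and narrow it to the /24 actually in use if only one half is needed. The list this entry belongs to starts outside the hunk, so its attribute name (presumably `access-control`) is not visible.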