diff --git a/services/traefik.hcl b/services/traefik.hcl
index b56276c..022dd93 100644
--- a/services/traefik.hcl
+++ b/services/traefik.hcl
@@ -10,7 +10,7 @@ job "traefik" {
         static = "443"
       }
       port "admin" {
-        #host_network = "tailscale"
+        host_network = "tailscale"
         static = "9002"
       }
     }
@@ -24,18 +24,28 @@ job "traefik" {
 
     task "traefik" {
       driver = "docker"
+
       service {
-        name = "traefik-secure"
+        name = "traefik"
         port = "https"
 
+        tags = [
+          "traefik.enable=true",
+          "traefik.http.routers.api.rule=Host(`traefik.v.paler.net`)",
+          "traefik.http.routers.api.service=api@internal",
+        ]
+
         check {
-          type     = "tcp"
+          type = "http"
+          port = "admin"
+          path = "/ping"
           interval = "10s"
           timeout  = "2s"
         }
       }
+
       service {
-        name = "traefik"
+        name = "traefik-admin"
         port = "admin"
         tags = [
           "metrics"
@@ -71,18 +81,27 @@ entryPoints:
           scheme: https
           permanent: true
 
-  traefik:
-    address: ":{{{ env "NOMAD_PORT_admin" }}}"
-
   websecure:
     address: ":{{{ env "NOMAD_PORT_https" }}}"
     http:
       tls:
         certResolver: letsencrypt
 
+  admin:
+    address: ":{{{ env "NOMAD_PORT_admin" }}}"
+
 api:
   dashboard: true
-  insecure: true
+
+accessLog: {}
+
+metrics:
+  prometheus:
+    entryPoint: admin
+    manualrouting: true
+
+ping:
+  entryPoint: admin
 
 serversTransport:
   insecureSkipVerify: true