diff --git a/servers/ansible/ansible.cfg b/servers/ansible/ansible.cfg
index 96a9b000..6f72f35c 100644
--- a/servers/ansible/ansible.cfg
+++ b/servers/ansible/ansible.cfg
@@ -1,3 +1,5 @@
 [privilege_escalation]
 become=True
 become_user=root
+[ssh_connection]
+pipelining=True
\ No newline at end of file
diff --git a/servers/ansible/playbook.yaml b/servers/ansible/playbook.yaml
index 6bb15293..1677726c 100644
--- a/servers/ansible/playbook.yaml
+++ b/servers/ansible/playbook.yaml
@@ -8,17 +8,17 @@
 ansible.builtin.debug:
 msg: Hello world
 # - name: Copy conduwuit backup
- # ansible.builtin.copy:
+ # ansible.posix.synchronize:
 # src: ./conduwuit-testing
 # dest: /var/opt/
 - name: Copy containers
- ansible.builtin.copy:
+ ansible.posix.synchronize:
 src: ../containers/
 dest: /etc/containers/systemd
 - name: Reload systemd generators
 ansible.builtin.command: sudo systemctl daemon-reload
 - name: Copy traefik config
- ansible.builtin.copy:
+ ansible.posix.synchronize:
 src: ../traefik/
 dest: /etc/traefik
 - name: Creates traefik state directory
@@ -26,7 +26,7 @@
 path: /var/srv/traefik
 state: directory
 - name: Copy kanidm config
- ansible.builtin.copy:
+ ansible.posix.synchronize:
 src: ../kanidm/
 dest: /etc/kanidm
 - name: Creates kanidm data directory
@@ -34,15 +34,15 @@
 path: /var/opt/kanidm_data
 state: directory
 - name: Copy Element Web config
- ansible.builtin.copy:
+ ansible.posix.synchronize:
 src: ../element-web/
 dest: /etc/element-web
 - name: Copy homepage config
- ansible.builtin.copy:
+ ansible.posix.synchronize:
 src: ../homepage/
 dest: /etc/homepage
 - name: Copy sentry relay config
- ansible.builtin.copy:
+ ansible.posix.synchronize:
 src: ../sentry-relay/
 dest: /etc/sentry-relay
 # - name: install linux-system-roles
diff --git a/servers/containers/conduwuit-testing.container b/servers/containers/conduwuit-testing.container
index 5fe25e3e..363081f6 100644
--- a/servers/containers/conduwuit-testing.container
+++ b/servers/containers/conduwuit-testing.container
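Review bot: `pipelining=True` is paired with `become=True`, but pipelining only works through sudo when `requiretty` is disabled in sudoers on the managed hosts, and nothing in the file records that dependency. A comment on the new line would spare the next person an opaque tty error from sudo: `# needs 'Defaults !requiretty' in sudoers on every managed host`. The new last line also drops the trailing newline (`\ No newline at end of file`), which is worth restoring.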
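Review bot: Each task switched from `ansible.builtin.copy` to `ansible.posix.synchronize` now rsyncs with the module's `archive` default, so the mode, owner and group of every file placed under `/etc/containers/systemd`, `/etc/traefik`, `/etc/kanidm`, `/etc/element-web`, `/etc/homepage` and `/etc/sentry-relay` are taken from the control node's checkout rather than the remote defaults the old copy tasks produced; the same change is made in the two later hunks of this file. Because the remote rsync runs as root through `become`, ownership will presumably follow the local user's name or uid, and any config that carries credentials keeps whatever mode bits the working copy has — neither is a good fit for files in `/etc`. Either keep `archive` but turn off the parts that should not be mirrored (`perms: false`, `owner: false`, `group: false`) and set modes explicitly with a follow-up `ansible.builtin.file` task, or add a comment stating that archive semantics are intended. Unlike the old copy tasks, `synchronize` without `delete: true` also leaves behind files that were removed locally, so stale units in `/etc/containers/systemd` survive a deploy; a comment on that choice would help. The play and its task list begin before this hunk.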
@@ -3,6 +3,7 @@
 [Unit]
 Description=Conduwuit testing (matrix)
 Wants=network-online.target
+Wants=traefik.service
 After=network-online.target
 Documentation=https://conduwuit.puppyirl.gay/
 
diff --git a/servers/containers/conduwuit.container b/servers/containers/conduwuit.container
index d5dff7a6..dcc1ee5c 100644
--- a/servers/containers/conduwuit.container
+++ b/servers/containers/conduwuit.container
@@ -3,6 +3,7 @@
 [Unit]
 Description=Conduwuit (matrix)
 Wants=network-online.target
+Wants=traefik.service
 After=network-online.target
 Documentation=https://conduwuit.puppyirl.gay/
 
diff --git a/servers/containers/maubot.container b/servers/containers/maubot.container
index 9631d9fa..8c94b27e 100644
--- a/servers/containers/maubot.container
+++ b/servers/containers/maubot.container
@@ -4,6 +4,7 @@
 Description=Maubot
 Wants=network-online.target
 After=network-online.target
+After=conduwuit.service
 Documentation=https://docs.mau.fi/maubot/index.html
 
 [Container]
diff --git a/servers/containers/traefik-cert-dumper.container b/servers/containers/traefik-cert-dumper.container
new file mode 100644
index 00000000..e5456949
--- /dev/null
+++ b/servers/containers/traefik-cert-dumper.container
@@ -0,0 +1,19 @@
+[Unit]
+Description=traefik cert dumper
+After=traefik.service
+
+
+[Container]
+ContainerName=traefik-cert-dumper
+NoNewPrivileges=true
+Image=ghcr.io/kereis/traefik-certs-dumper:latest
+Volume=/etc/localtime:/etc/localtime:ro
+Volume=/var/srv/traefik:/traefik:ro
+Volume=traefik-certs.volume:/output
+# AutoUpdate=registry
+
+[Service]
+Restart=unless-stopped
+
+[Install]
+WantedBy=default.target
\ No newline at end of file
diff --git a/servers/containers/traefik-certs.volume b/servers/containers/traefik-certs.volume
new file mode 100644
index 00000000..a153d05e
--- /dev/null
+++ b/servers/containers/traefik-certs.volume
@@ -0,0 +1 @@
+[Volume]
\ No newline at end of file
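Review bot: `Wants=traefik.service` adds a start-up dependency but no ordering, so conduwuit can still be launched before traefik is up; in systemd `Wants=` and `After=` are independent. If traefik is meant to be ready first, add `After=traefik.service` beside the new line. The identical hunk in `servers/containers/conduwuit.container` has the same gap; the rest of both units lies outside the hunks.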
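Review bot: `After=conduwuit.service` is ordering only — if `conduwuit.service` is not itself scheduled, maubot starts without it, which is the mirror image of the conduwuit units in this commit that got `Wants=` without `After=`. If maubot genuinely depends on the homeserver being up, pair it with `Wants=conduwuit.service`; if ordering alone is intended, a one-line comment saying so (`# ordering only: maubot may start without conduwuit`) would stop the asymmetry being read as a mistake. The remainder of the unit is outside the hunk.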
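Review bot: `Restart=unless-stopped` in `[Service]` is a Docker restart policy, not a systemd one; systemd accepts only `no`, `on-success`, `on-failure`, `on-abnormal`, `on-watchdog`, `on-abort` and `always`, logs a parse error for anything else and falls back to the default `no`, so this container ends up with no restart policy at all — `Restart=always` is the closest match. Separately, `Image=ghcr.io/kereis/traefik-certs-dumper:latest` is an unpinned tag on a process that reads `/var/srv/traefik` (presumably traefik's ACME store, private keys included) and writes the dump to `traefik-certs.volume`; pinning a release tag or digest keeps that supply chain reviewable. A comment on the `Volume=traefik-certs.volume:/output` line naming which units are expected to mount the output, read-only, would document where the key material ends up, and `ReadOnly=true` as in the sibling `traefik.container` would fit since the output volume is the only path this needs to write.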
diff --git a/servers/containers/traefik.container b/servers/containers/traefik.container
index 1cff27fd..f1661b73 100644
--- a/servers/containers/traefik.container
+++ b/servers/containers/traefik.container
@@ -12,6 +12,12 @@ ContainerName=traefik
 PodmanArgs=--privileged
 NoNewPrivileges=true
 Image=docker.io/library/traefik:3.0
+
+# Static IPs assigned for proxy-protocol trust
+IP=10.89.0.21
+IP6=fd76:6f6d:f45e:ea1a::15
+
+# HTTP(S)
 PublishPort=0.0.0.0:80:80/tcp
 PublishPort=0.0.0.0:443:443/tcp
 PublishPort=0.0.0.0:443:443/udp
@@ -26,9 +32,27 @@ PublishPort=0.0.0.0:8448:8448/udp
 PublishPort=[::]:8448:8448/tcp
 PublishPort=[::]:8448:8448/udp
 
-# PublishPort=8448:8448/tcp
+# SMTP
+PublishPort=0.0.0.0:25:25/tcp
+PublishPort=0.0.0.0:25:25/udp
+PublishPort=[::]:25:25/tcp
+PublishPort=[::]:25:25/udp
+
+# SMTPS
+PublishPort=0.0.0.0:465:465/tcp
+PublishPort=0.0.0.0:465:465/udp
+PublishPort=[::]:465:465/tcp
+PublishPort=[::]:465:465/udp
+
+# IMAPS
+PublishPort=0.0.0.0:465:465/tcp
+PublishPort=0.0.0.0:465:465/udp
+PublishPort=[::]:465:465/tcp
+PublishPort=[::]:465:465/udp
+
 ReadOnly=true
 Volume=/run/podman/podman.sock:/var/run/docker.sock:z
+Volume=/etc/localtime:/etc/localtime:ro
 Volume=/var/srv/traefik:/certificates:z
 Volume=/etc/traefik:/etc/traefik:ro,z
 Volume=kanidm-certs.volume:/kanidm_certs:ro,z
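Review bot: The `# IMAPS` block is a copy of the `# SMTPS` block — it publishes host port 465 a second time and never publishes 993, so either podman rejects the duplicate mapping or IMAPS is simply not reachable; either way the new section does not do what its comment says. SMTP, SMTPS and IMAPS are also TCP-only, so the `/udp` mappings for 25 and 465 open host UDP ports with nothing behind them, unlike `/udp` on 443 and 8448 which carry HTTP/3. Keep the TCP lines, fix the IMAPS port, and drop the UDP ones; the `[Container]` section continues before and after this hunk.
```ini
# SMTP
PublishPort=0.0.0.0:25:25/tcp
PublishPort=[::]:25:25/tcp

# SMTPS
PublishPort=0.0.0.0:465:465/tcp
PublishPort=[::]:465:465/tcp

# IMAPS
PublishPort=0.0.0.0:993:993/tcp
PublishPort=[::]:993:993/tcp

# … unchanged: ReadOnly and Volume lines …
```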