diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index d99f801..de68f49 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -63,6 +63,7 @@ in }; script = '' mkdir -p /etc/opencloud-secrets + mkdir /etc/static/opencloud cp /run/secrets/projectenv /etc/opencloud-secrets/env chmod 755 /etc/opencloud-secrets chmod 644 /etc/opencloud-secrets/* @@ -171,16 +172,20 @@ in services.caddy.virtualHosts = { "${host}" = { - extraConfig = '' - reverse_proxy ${serviceCfg.interface.ip}:${toString serviceCfg.ports.port0} { - header_up X-Real-IP {remote_host} - } + extraConfig = + let + credPath = "/var/lib/acme/${host}"; + in + '' + reverse_proxy ${serviceCfg.interface.ip}:${toString serviceCfg.ports.port0} { + header_up X-Real-IP {remote_host} + } - redir /.well-known/carddav /remote.php/dav/ 301 - redir /.well-known/caldav /remote.php/dav/ 301 + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 - tls /var/lib/acme/${host}/fullchain.pem /var/lib/acme/${host}/key.pem - ''; + tls ${credPath}/fullchain.pem ${credPath}/key.pem + ''; }; };
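Review bot: The added `mkdir /etc/static/opencloud` is likely to fail, because on a standard NixOS system `/etc/static` is a symlink into the read-only Nix store, and without `-p` the command also errors once the directory exists. If this `script` belongs to a systemd unit (its owner is outside the hunk), NixOS runs it with `set -e`, so a failure here would stop the unit before the `cp` of `/run/secrets/projectenv`. Consider an idempotent create in a writable location, e.g. `mkdir -p <writable-dir>`, or declare the directory through `systemd.tmpfiles.rules`. Separately, the context lines leave the copied env file at mode 644 under a 755 directory, so any local user can read the secret; restrict it to the owner or group the consumer runs as, if the consumer allows it.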
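Review bot: `credPath` still hard-codes `/var/lib/acme/${host}`, and nothing visible in this hunk ties Caddy to the certificate existing or to read access on `key.pem`. If the certificate is issued through `security.acme.certs` (not shown here), setting `useACMEHost = host;` on the virtual host would let the NixOS Caddy module generate the `tls` directive instead of a hand-written path. Otherwise a short comment next to the binding would help, such as `# key.pem must be readable by the caddy user (via the ACME cert's group)`. The rest of the module lies outside the hunk, so the group membership may already be configured elsewhere.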