diff --git a/bin/.b2init b/bin/.b2init
new file mode 100644
index 0000000..46ba1a4
--- /dev/null
+++ b/bin/.b2init
@@ -0,0 +1 @@
+9585ba84-ef8a-11ed-9363-431dba4e45bd
diff --git a/bin/.env b/bin/.env
index 5680a77..ea24940 100644
--- a/bin/.env
+++ b/bin/.env
@@ -1,5 +1,5 @@
 # Domain name
-DOMAIN="test.com"
+DOMAIN="customer5.fangfree.com"
 # Company name
 COMPANY="Fang Free Inc"
diff --git a/bin/.gpg.backblaze b/bin/.gpg.backblaze
new file mode 100644
index 0000000..c872550
--- /dev/null
+++ b/bin/.gpg.backblaze
@@ -0,0 +1 @@
+rDGL27yH6YlIa73MyQpcR38jMyrtOTe5
diff --git a/bin/dumpcerts b/bin/dumpcerts
index f417985..bc6c825 100755
--- a/bin/dumpcerts
+++ b/bin/dumpcerts
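Review bot: bin/.env is a tracked file, and this hunk replaces the placeholder `DOMAIN="test.com"` with one customer's real domain, so per-deployment configuration now lives in the repository history. Keep the tracked copy as a template (for example a `bin/.env.example` with `DOMAIN="example.com"`) and list `bin/.env` in .gitignore so each install carries its own values; install-federated already stops with `/federated/bin/.env doesn't include DOMAIN` when the variable is empty, so a missing real file is caught at run time.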
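Review bot: bin/.gpg.backblaze adds a 32-character credential as a plain-text file to version control, next to the identifier in bin/.b2init, and anything committed here remains in history after a later deletion. Treat the value as exposed: rotate it on the Backblaze side, remove both files from the repository (rewriting history if the remote is shared), and have the scripts read the passphrase from an untracked file kept at mode 600 or from the environment, the way lib/ldap.sh already handles `.ldap.secret` with `chmod 600`. Nothing in this diff shows which script consumes the file, so also confirm it is not copied into an image or a container volume with wider permissions.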
@@ -9,21 +9,21 @@ fi traefik-certs-dumper file --version v2 --source /federated/apps/traefik/data/letsencrypt/acme.json --dest /federated/certs &> /dev/null # Install into PostgreSQL container -cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/postgresql/data/var/lib/postgresql/server.crt -cp /federated/apps/certs/private/$DOMAIN.key /federated/apps/postgresql/data/var/lib/postgresql/server.key +cp /federated/certs/certs/$DOMAIN.crt /federated/apps/postgresql/data/var/lib/postgresql/server.crt +cp /federated/certs/private/$DOMAIN.key /federated/apps/postgresql/data/var/lib/postgresql/server.key chown 999 /federated/apps/postgresql/data/var/lib/postgresql/server.crt /federated/apps/postgresql/data/var/lib/postgresql/server.key chmod 600 /federated/apps/postgresql/data/var/lib/postgresql/server.crt /federated/apps/postgresql/data/var/lib/postgresql/server.key # Install into LDAP container -cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/ldap/data/certs/ +cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/ldap/data/certs/ # Install into Mail container -cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/mail/data/root/certs/ +cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/mail/data/root/certs/ # Install into Collabora container -cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/collabora/data/root/certs/ +cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/collabora/data/root/certs/ chown 104 /federated/apps/collabora/data/root/certs/* # Install into Matrix container -cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/ +cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key 
/federated/apps/matrix/data/matrix/ chmod 644 /federated/apps/matrix/data/matrix/$DOMAIN.crt /federated/apps/matrix/data/matrix/$DOMAIN.key diff --git a/bin/install-federated b/bin/install-federated index 05445a1..0d34ec8 100755 --- a/bin/install-federated +++ b/bin/install-federated @@ -19,7 +19,10 @@ get_config() { # done . /federated/lib/network.sh - . /federated/lib/dns.sh + . /federated/lib/pdnsmysql.sh + . /federated/lib/pdns.sh + . /federated/lib/pdnsadmin.sh + . /federated/lib/traefik.sh . /federated/lib/postgresql.sh . /federated/lib/ldap.sh . /federated/lib/mail.sh 
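Review bot: The corrected `cp` lines in bin/dumpcerts still run unchecked, and the `traefik-certs-dumper` call just above them sends its output to /dev/null, so a failed or empty dump leaves every service with a stale or missing key pair and no error. Check the dumper and each copy, for example `traefik-certs-dumper file ... || exit 1` and `cp -- "/federated/certs/certs/$DOMAIN.crt" "/federated/certs/private/$DOMAIN.key" /federated/apps/ldap/data/certs/ || exit 1`, and quote `$DOMAIN` in every path. The last context line then applies `chmod 644` to the Matrix copy of the private key, which makes it readable by every local user; if Synapse reads it under another uid, a `chown` to that uid with mode 600 (as the PostgreSQL block does with `chown 999` and `chmod 600`) is narrower. The enclosing script starts outside this hunk.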
@@ -31,16 +34,10 @@ get_config() { . /federated/lib/listmonk.sh . /federated/lib/vaultwarden.sh . /federated/lib/panel.sh - . /federated/lib/proxy.sh . /federated/lib/wireguard.sh . /federated/lib/baserow.sh - . /federated/lib/calcom.sh . /federated/lib/gitea.sh . /federated/lib/caddy.sh - . /federated/lib/pdns-mysql.sh - . /federated/lib/pdns.sh - . /federated/lib/pdnsadmin.sh - . /federated/lib/pdns-static.sh COUNTRIES=("AF" "AL" "DZ" "AS" "AD" "AO" "AI" "AQ" "AG" "AR" "AM" "AW" "AU" "AT" "AZ" "BS" "BH" "BD" "BB" "BY" "BE" "BZ" "BJ" "BM" "BT" "BO" "BO" "BA" "BW" "BV" "BR" "IO" "BN" "BN" "BG" "BF" "BI" "KH" "CM" "CA" "CV" "KY" "CF" "TD" "CL" "CN" "CX" "CC" "CO" "KM" "CG" "CD" "CK" "CR" "CI" "CI" "HR" "CU" "CY" "CZ" "DK" "DJ" "DM" "DO" "EC" "EG" "SV" "GQ" "ER" "EE" "ET" "FK" "FO" "FJ" "FI" "FR" "GF" "PF" "TF" "GA" "GM" "GE" "DE" "GH" "GI" "GR" "GL" "GD" "GP" "GU" "GT" "GG" "GN" "GW" "GY" "HT" "HM" "VA" "HN" "HK" "HU" "IS" "IN" "ID" "IR" "IQ" "IE" "IM" "IL" "IT" "JM" "JP" "JE" "JO" "KZ" "KE" "KI" "KP" "KR" "KR" "KW" "KG" "LA" "LV" "LB" "LS" "LR" "LY" "LY" "LI" "LT" "LU" "MO" "MK" "MG" "MW" "MY" "MV" "ML" "MT" "MH" "MQ" "MR" "MU" "YT" "MX" "FM" "MD" "MC" "MN" "ME" "MS" "MA" "MZ" "MM" "MM" "NA" "NR" "NP" "NL" "AN" "NC" "NZ" "NI" "NE" "NG" "NU" "NF" "MP" "NO" "OM" "PK" "PW" "PS" "PA" "PG" "PY" "PE" "PH" "PN" "PL" "PT" "PR" "QA" "RE" "RO" "RU" "RU" "RW" "SH" "KN" "LC" "PM" "VC" "VC" "VC" "WS" "SM" "ST" "SA" "SN" "RS" "SC" "SL" "SG" "SK" "SI" "SB" "SO" "ZA" "GS" "SS" "ES" "LK" "SD" "SR" "SJ" "SZ" "SE" "CH" "SY" "TW" "TW" "TJ" "TZ" "TH" "TL" "TG" "TK" "TO" "TT" "TN" "TR" "TM" "TC" "TV" "UG" "UA" "AE" "GB" "US" "UM" "UY" "UZ" "VU" "VE" "VE" "VN" "VN" "VG" "VI" "WF" "EH" "YE" "ZM" "ZW") 
@@ -49,7 +46,6 @@ get_config() { [ -z "$DOMAIN" ] && failcheck "/federated/bin/.env doesn't include DOMAIN" [ -z "$COMPANY" ] && failcheck "/federated/bin/.env doesn't include COMPANY" [ -z "$COUNTRY" ] && failcheck "/federated/bin/.env doesn't include COUNTRY" - [ -z "$ADMINPASS" ] && failcheck "/federated/bin/.env doesn't include ADMINPASS" if ! printf '%s\0' "${COUNTRIES[@]}" | grep -Fxqz -- "$COUNTRY"; then failcheck "$COUNTRY is not a valid country code. Use US, GB, HK, etc" fi @@ -71,6 +67,9 @@ get_config() { else failcheck "$DOMAIN is not a valid domain.com or sub.domain.com" fi + + ADMINPASS=$(create_password); + LISTMONKPASS=$(create_password); } while getopts d OPTION; do @@ -95,7 +94,6 @@ check_ports config_network # Configure and start each federated service -#for i in pdnsmysql pdns pdnsadmin traefik postgresql ldap mail collabora nextcloud matrix element listmonk vaultwarden panel wireguard jitsi baserow gitea caddy; do for i in "${SERVICES[@]}"; do config_$i start_$i diff --git a/lib/baserow.sh b/lib/baserow.sh index f914b50..2d6e6a1 100644 --- a/lib/baserow.sh +++ b/lib/baserow.sh @@ -13,10 +13,6 @@ config_baserow() { mkdir -p /federated/apps/baserow/data/baserow/data fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/baserow/docker-compose.yml < /federated/apps/baserow/data/baserow/data/.federated.postgresql.secret cat > /federated/apps/baserow/data/createuser.sh < /federated/apps/caddy/docker-compose.yml < /dev/null echo -ne "done." } start_caddy() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/caddy/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "caddy" "nc -z 172.99.0.31 80 &> /dev/null" + start_service "caddy" "nc -z $SERVICE_IP 80 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." 
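Review bot: `ADMINPASS=$(create_password);` in get_config is not checked, and the earlier hunk removes the `[ -z "$ADMINPASS" ]` guard, so if create_password fails or prints nothing the install continues with an empty admin password — lib/ldap.sh then hashes the empty string into the LDAP admin entry and lib/nextcloud.sh writes it to .nextcloud.secret. Re-add the check after generation: `ADMINPASS=$(create_password) || failcheck "create_password failed"` followed by `[ -z "$ADMINPASS" ] && failcheck "create_password returned an empty ADMINPASS"`, and the same pair for LISTMONKPASS. The trailing semicolons are harmless but unusual in this file. Nothing in the diff shows where the generated password is reported to the operator; it is worth confirming that it is printed or stored somewhere readable only by root.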
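Review bot: The new SERVICE_IP assignment in start_caddy (a backtick grep piped to awk) is unchecked and unanchored, so a missing or duplicated `ipv4_address:` line yields an empty or multi-word value and the readiness probe becomes `nc -z  80`, which fails every retry with no hint why; the identical line is repeated in start_collabora, start_element, start_gitea, start_ldap, start_listmonk, start_mail, start_matrix, start_nextcloud, start_panel, start_pdns, start_pdnsadmin, start_pdnsmysql, start_postgresql, start_vaultwarden and start_wireguard. lib/jitsi.sh's compose file declares four ipv4_address entries (.25 to .28), so if its start function adopts the same pattern it must take only the first match. Suggest `SERVICE_IP=$(awk '/ipv4_address:/ { print $2; exit }' /federated/apps/caddy/docker-compose.yml)` followed by `[ -n "$SERVICE_IP" ] || fail "no ipv4_address in /federated/apps/caddy/docker-compose.yml"`, and quoting `"$SERVICE_IP"` inside the nc command.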
diff --git a/lib/collabora.sh b/lib/collabora.sh index 9858f9c..954c71c 100644 --- a/lib/collabora.sh +++ b/lib/collabora.sh @@ -11,14 +11,10 @@ config_collabora() { if [ ! -d "/federated/apps/collabora" ]; then mkdir -p /federated/apps/collabora/data/root/certs &> /dev/null - cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/collabora/data/root/certs/ + cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/collabora/data/root/certs/ chown 104 /federated/apps/collabora/data/root/certs/* fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/collabora/docker-compose.yml < /dev/null echo -ne "done." } -start_vaultwarden() { +start_collabora() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/collabora/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "collabora" "nc -z 172.99.0.14 9980 &> /dev/null" + start_service "collabora" "nc -z $SERVICE_IP 9980 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/element.sh b/lib/element.sh index ecccdf8..dcfc723 100644 --- a/lib/element.sh +++ b/lib/element.sh 
@@ -13,10 +13,6 @@ config_element() { mkdir -p /federated/apps/element/data/element &> /dev/null fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/element/docker-compose.yml < /dev/null echo -ne "done." } start_element() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/element/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "element" "nc -z 172.99.0.18 80 &> /dev/null" + start_service "element" "nc -z $SERVICE_IP 80 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/functions.sh b/lib/functions.sh index 948713f..4700dcb 100644 --- a/lib/functions.sh +++ b/lib/functions.sh @@ -157,6 +157,11 @@ cat > /federated/apps/mail/data/root/certs/mailfile <> /etc/resolv/resolv.conf - echo "nameserver 1.0.0.1" >> /etc/resolv/resolv.conf + echo "nameserver 1.1.1.1" >> /etc/resolv.conf + echo "nameserver 1.0.0.1" >> /etc/resolv.conf kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/gitea.sh b/lib/gitea.sh index 3956933..5a61143 100644 --- a/lib/gitea.sh +++ b/lib/gitea.sh 
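Review bot: The corrected `echo "nameserver 1.1.1.1" >> /etc/resolv.conf` lines in lib/functions.sh append on every run, so a re-run leaves duplicate nameserver entries, and on hosts where /etc/resolv.conf is generated by systemd-resolved or NetworkManager the appended lines disappear at the next regeneration (the diff does not show which the target host uses). Guard each append with a presence check, `grep -qxF 'nameserver 1.1.1.1' /etc/resolv.conf || echo 'nameserver 1.1.1.1' >> /etc/resolv.conf`, and do the same for 1.0.0.1; if the host runs systemd-resolved, set the servers in its configuration instead. This also changes the resolver inherited by every container that uses the host's resolv.conf, which matters for the Spamhaus lookups added in lib/mail.sh. The enclosing function starts outside this hunk.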
@@ -13,10 +13,6 @@ config_gitea() { mkdir -p /federated/apps/gitea/data/data fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/gitea/docker-compose.yml < /federated/apps/gitea/.env < /dev/null echo -ne "done." } start_gitea() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/gitea/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "gitea" "nc -z 172.99.0.30 3000 &> /dev/null" + start_service "gitea" "nc -z $SERVICE_IP 3000 &> /dev/null" # Copy creategitea.sh inside gitea container mv /federated/apps/gitea/data/creategitea.sh /federated/apps/gitea/data/data/creategitea.sh diff --git a/lib/jitsi.sh b/lib/jitsi.sh index 603fd61..6d445e9 100644 --- a/lib/jitsi.sh +++ b/lib/jitsi.sh @@ -18,10 +18,6 @@ config_jitsi() { # chmod 644 /federated/apps/jitsi/data/config/keys/*.pem fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - # Extract Jitsi into /federated/apps/jitsi tar zxvf /federated/lib/files/jitsi/stable-* --strip-components 1 -C /federated/apps/jitsi &> /dev/null [ $? -ne 0 ] && fail "Couldn't extract files/jitsi/stable* into /federated/apps/jitsi" @@ -45,9 +41,9 @@ services: - ./data/config/keys:/config/keys:Z labels: - "traefik.enable=true" - - "traefik.http.routers.pdnsadmin.rule=Host(\`jitsi.$DOMAIN\`)" - - "traefik.http.routers.pdnsadmin.entrypoints=websecure" - - "traefik.http.routers.pdnsadmin.tls.certresolver=letsencrypt" + - "traefik.http.routers.jitsi.rule=Host(\`jitsi.$DOMAIN\`)" + - "traefik.http.routers.jitsi.entrypoints=websecure" + - "traefik.http.routers.jitsi.tls.certresolver=letsencrypt" environment: - AMPLITUDE_ID - ANALYTICS_SCRIPT_URLS @@ -183,7 +179,7 @@ services: - XMPP_PORT networks: federated: - ipv4_address: 172.99.0.23 + ipv4_address: 172.99.0.25 # XMPP server prosody: 
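Review bot: The jitsi web container moves to 172.99.0.25 here, and the renumbering continues in later hunks (prosody .26, .27, jvb .28, pdnsmysql .10, pdns .11, pdnsadmin .12, traefik .13, postgresql .14), but the diff does not legibly show new addresses for ldap, mail, collabora, nextcloud, matrix, element, listmonk, vaultwarden, panel, wireguard, baserow, gitea or caddy. Before this change ldap was probed on 172.99.0.12 and mail on 172.99.0.13, which are now assigned to pdnsadmin and traefik, and the old postgresql address .11 now belongs to pdns; unless those compose files were renumbered in the parts of the diff that are not readable here, docker-compose will refuse to start the second container that claims each address. A quick check is `grep -h ipv4_address /federated/apps/*/docker-compose.yml | sort | uniq -d`, which should print nothing. Keeping one table of addresses in a single file, or letting the network assign them and probing by container name, would avoid this class of collision.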
@@ -278,7 +274,7 @@ services: - XMPP_PORT networks: federated: - ipv4_address: 172.99.0.24 + ipv4_address: 172.99.0.26 aliases: - xmpp.meet.jitsi @@ -331,7 +327,7 @@ services: - prosody networks: federated: - ipv4_address: 172.99.0.25 + ipv4_address: 172.99.0.27 # Video bridge jvb: @@ -376,13 +372,15 @@ services: - prosody networks: federated: - ipv4_address: 172.99.0.26 + ipv4_address: 172.99.0.28 networks: federated: external: true EOF +LDAP_SECRET=`cat /federated/apps/ldap/.ldap.secret` + # Create Jitsi .env file cat > /federated/apps/jitsi/.env < /dev/null" - if [ $DEBUG ]; then - # Start /federated/apps/jitsi with output to console for debug - cd /federated/apps/jitsi && docker-compose -f docker-compose.yml -p jitsi up - [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/jitsi" - else - cd /federated/apps/jitsi && docker-compose -f docker-compose.yml -p jitsi up -d &> /dev/null - - # Keep trying jitsi port 443 to make sure it's up - # before we proceed - RETRY="30" - while [ $RETRY -gt 0 ]; do - nc -z 172.99.0.23 443 &> /dev/null - if [ $? -eq 0 ]; then - break - else - if [ "$RETRY" == 1 ]; then - docker-compose -f docker-compose.yml -p jitsi down &> /dev/null - kill -9 $SPINPID &> /dev/null - fail "There was a problem starting service /federated/apps/jitsi\nCheck the output of 'docker logs jitsi' or turn on\ndebug with -d" - fi - ((RETRY--)) - sleep 7 - fi - done - fi - kill -9 $SPINPID &> /dev/null echo -ne "done." } diff --git a/lib/ldap.sh b/lib/ldap.sh index 4c6fe55..a2b726c 100644 --- a/lib/ldap.sh +++ b/lib/ldap.sh 
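Review bot: The new LDAP_SECRET assignment in config_jitsi reads /federated/apps/ldap/.ldap.secret with an unchecked backtick `cat`, so a missing or empty file silently writes an empty bind password into /federated/apps/jitsi/.env. Use `LDAP_SECRET=$(cat /federated/apps/ldap/.ldap.secret) || fail "Couldn't read /federated/apps/ldap/.ldap.secret"` followed by `[ -n "$LDAP_SECRET" ] || fail "empty LDAP secret"`. The .env heredoc that consumes it is not readable in this diff; since .ldap.secret itself is kept at mode 600, the jitsi .env that now carries the same value should get the same `chmod 600`. The removed start_jitsi retry loop probed 172.99.0.23 while the web container now lives at .25, so whatever readiness command replaced it (not legible here) needs the new address or the SERVICE_IP lookup used in the other start functions.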
@@ -10,17 +10,13 @@ config_ldap() { SPINPID=$! if [ ! -d "/federated/apps/ldap" ]; then - mkdir -p /federated/apps/ldap/data &> /dev/null - mkdir -p /federated/apps/ldap/data/var/lib/ldap &> /dev/null - mkdir -p /federated/apps/ldap/data/etc/ldap/slap.d &> /dev/null mkdir -p /federated/apps/ldap/data/certs &> /dev/null mkdir -p /federated/apps/ldap/data/root &> /dev/null - cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/ldap/data/certs/ + mkdir -p /federated/apps/ldap/data/var/lib/ldap &> /dev/null + mkdir -p /federated/apps/ldap/data/etc/ldap/slap.d &> /dev/null + cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/ldap/data/certs/ fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} LDAPADMINPASS=`echo -n $ADMINPASS | openssl dgst -sha1 -binary | openssl enc -base64 | awk '{print "{SHA}"$0}'` cat > /federated/apps/ldap/docker-compose.yml < /federated/apps/ldap/.env < /federated/apps/ldap/.ldap.secret chmod 600 /federated/apps/ldap/.ldap.secret cat > /federated/apps/ldap/data/root/ldap.ldif < /federated/apps/ldap/data/root/ldap.sh <<'EOF' @@ -162,8 +158,11 @@ kill -9 $SPINPID &> /dev/null echo -ne "done." } start_ldap() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/ldap/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "ldap" "nc -z 172.99.0.12 636 &> /dev/null" + start_service "ldap" "nc -z $SERVICE_IP 636 &> /dev/null" # Run our ldap.sh script inside the ldap container # This imports the inital LDAP configuration diff --git a/lib/listmonk.sh b/lib/listmonk.sh index 2de012f..17322f5 100644 --- a/lib/listmonk.sh +++ b/lib/listmonk.sh 
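Review bot: The context line that hashes the admin password in config_ldap leaves `$ADMINPASS` unquoted in `echo -n $ADMINPASS`; now that ADMINPASS is generated by create_password rather than copied from .env, any space or glob character in the generated value would be word-split or expanded before hashing, and the stored hash would not match the password handed to the operator. Quote it: `LDAPADMINPASS=$(printf '%s' "$ADMINPASS" | openssl dgst -sha1 -binary | openssl enc -base64 | awk '{print "{SHA}"$0}')`. Whether create_password can emit such characters is not visible in this diff. The `{SHA}` scheme is unsalted SHA-1; OpenLDAP also accepts `{SSHA}` (what slappasswd produces by default), so switching schemes is cheap if this line is touched anyway.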
@@ -13,10 +13,6 @@ config_listmonk() { mkdir -p /federated/apps/listmonk/static /federated/apps/listmonk/data/listmonk fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/listmonk/docker-compose.yml < /federated/apps/listmonk/.env < /dev/null echo -ne "done." } start_listmonk() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/listmonk/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "listmonk" "nc -z 172.99.0.19 9000 &> /dev/null" + start_service "listmonk" "nc -z $SERVICE_IP 9000 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/mail.sh b/lib/mail.sh index 0a7c87e..e11259d 100644 --- a/lib/mail.sh +++ b/lib/mail.sh 
@@ -15,13 +15,9 @@ config_mail() { mkdir -p /federated/apps/mail/data/var/mail-state &> /dev/null mkdir -p /federated/apps/mail/data/var/log/mail &> /dev/null mkdir -p /federated/apps/mail/data/tmp/docker-mailserver &> /dev/null - cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/mail/data/root/certs/ + cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/mail/data/root/certs/ fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/mail/docker-compose.yml < /federated/apps/mail/.env < /federated/apps/mail/data/tmp/docker-mailserver/postfix-main.cf <<'EOF' -smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_sender_login_mismatch +smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_sender_login_mismatch, reject_unknown_reverse_client_hostname, reject_unknown_client_hostname +smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf, reject_unauth_pipelining, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_recipient_domain, check_policy_service inet:127.0.0.1:10023, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org smtpd_sender_login_maps = ldap:/etc/postfix/ldap-aliases.cf EOF 
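Review bot: The new `reject_rbl_client zen.spamhaus.org` and `reject_rhsbl_* dbl.spamhaus.org` entries in postfix-main.cf match any 127.x answer, and Spamhaus answers queries that arrive via public resolvers with an error code in 127.255.255.0/24 rather than a listing; the mail container inherits the host resolver unless its compose file says otherwise, and this same commit points the host at 1.1.1.1/1.0.0.1, so every inbound message would be rejected as listed. Restrict the matches to the listing range, `reject_rbl_client zen.spamhaus.org=127.0.0.[2..11]` and `reject_rhsbl_sender dbl.spamhaus.org=127.0.1.[2..99]` (same for the helo and reverse_client variants), or give the container a local caching resolver. The two `check_policy_service` entries assume policyd-spf and a service on 127.0.0.1:10023 are running inside the container; if either is absent, Postfix answers with a 450 and defers all mail rather than skipping the check, and nothing in this diff shows them being enabled. `reject_unknown_client_hostname` is also strict enough to refuse legitimate senders without matching forward/reverse DNS; `reject_unknown_reverse_client_hostname` alone is the usual first step until the effect has been measured.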
@@ -111,27 +110,25 @@ EOF echo -ne "done." } start_mail() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/mail/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "mail" "nc -z 172.99.0.13 25 &> /dev/null" + start_service "mail" "nc -z $SERVICE_IP 25 &> /dev/null" # Generate the DKIM DNS key docker exec -it mail setup config dkim keysize 2048 domain $DOMAIN &> /dev/null [ $? -ne 0 ] && fail "Couldn't generate DKIM record" - # Insert the DKIM DNS TXT entry into /federated/apps/dns container - cat /federated/apps/mail/data/tmp/docker-mailserver/opendkim/keys/$DOMAIN/mail.txt >> /federated/apps/dns/data/etc/bind/zones/$DOMAIN - [ $? -ne 0 ] && fail "Couldn't insert DKIM record into /federated/apps/dns container" + # Insert the DKIM DNS TXT entry into /federated/apps/pdns container + DKIM_RECORD_STRIP=`cat /federated/apps/mail/data/tmp/docker-mailserver/opendkim/keys/$DOMAIN/mail.txt | sed 's/.*(//'` + DKIM_RECORD=`echo $DKIM_RECORD_STRIP | sed 's/).*//'` + docker exec -it pdns pdnsutil add-record $DOMAIN mail._domainkey TXT 86400 "$DKIM_RECORD" + [ $? -ne 0 ] && fail "Couldn't insert DKIM record into /federated/apps/pdns container" # Insert the DMARC DNS TXT entry into /federated/apps/dns container - echo "_dmarc.$DOMAIN. IN TXT \"v=DMARC1; p=none; rua=mailto:admin@$DOMAIN; ruf=mailto:admin@$DOMAIN; sp=none; ri=86400\"" >> /federated/apps/dns/data/etc/bind/zones/$DOMAIN - [ $? -ne 0 ] && fail "Couldn't insert DMARC record into /federated/apps/dns container" - - # Reload DNS configuration in /federated/apps/dns container - docker exec -it dns rndc reload $DOMAIN &> /dev/null - [ $? -ne 0 ] && fail "Couldn't run rndc reload DOMAIN on /federated/apps/dns container" - - docker exec -it dns rndc reload &> /dev/null - [ $? 
-ne 0 ] && fail "Couldn't run rndc reload on /federated/apps/dns container" + docker exec -it pdns pdnsutil add-record $DOMAIN _dmarc TXT 86400 "\"v=DMARC1; p=quarantine; rua=mailto:admin@$DOMAIN; ruf=mailto:admin@$DOMAIN; sp=none; ri=86400\"" + [ $? -ne 0 ] && fail "Couldn't insert DMARC record into /federated/apps/pdns container" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/matrix.sh b/lib/matrix.sh index 5620e3b..eec7769 100644 --- a/lib/matrix.sh +++ b/lib/matrix.sh @@ -11,14 +11,10 @@ config_matrix() { if [ ! -d "/federated/apps/matrix" ]; then mkdir -p /federated/apps/matrix/data/matrix &> /dev/null - cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/ + cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/ chmod 644 /federated/apps/matrix/data/matrix/$DOMAIN.crt /federated/apps/matrix/data/matrix/$DOMAIN.key fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/matrix/docker-compose.yml < /dev/null [ $? -ne 0 ] && fail "Couldn't run docker matrixdotorg/synapse:latest generate" @@ -80,12 +79,12 @@ modules: enabled: true uri: "ldaps://ldap.$DOMAIN:636" start_tls: true - base: "dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST" + base: "dc=federatedcomputer,dc=cloud" attributes: mail: "mail" uid: "uid" name: "givenName" - bind_dn: cn=admin,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST + bind_dn: cn=admin,dc=federatedcomputer,dc=cloud bind_password: $LDAP_SECRET tls_options: validate: true 
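Review bot: The DKIM extraction in start_mail depends on the exact layout of OpenDKIM's mail.txt — `sed 's/.*(//'` runs per line, and the unquoted `echo $DKIM_RECORD_STRIP` is what joins the chunks onto one line while also exposing the value to word splitting and glob expansion. A single pass that flattens the file first is clearer and quotes safely: `DKIM_RECORD=$(tr -d '\n' < /federated/apps/mail/data/tmp/docker-mailserver/opendkim/keys/$DOMAIN/mail.txt | sed 's/.*(//; s/).*//')`, then `[ -n "$DKIM_RECORD" ] || fail "Couldn't read DKIM record"` before the pdnsutil call. Both `docker exec -it` calls allocate a TTY, which fails when install-federated runs without one; `-i` alone is enough here. The DMARC policy moves from `p=none` to `p=quarantine` at first install, before any alignment reports have been seen; if that is intended, a one-line comment saying so would help.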
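Review bot: `base: "dc=federatedcomputer,dc=cloud"` and the matching `bind_dn` replace values previously derived from $DOMAIN with a fixed DN, and lib/nextcloud.sh makes the same substitution for ldapAgentName, ldapBase, ldapBaseGroups and ldapBaseUsers. This only works if the directory created by lib/ldap.sh (its ldap.ldif is not readable in this diff) also uses that suffix regardless of DOMAIN; otherwise Synapse and Nextcloud bind against a DN that does not exist. If it does, every install now shares one base DN that names a different organisation than the install's DOMAIN (customer5.fangfree.com in this commit), which deserves a comment in both files — or better a single `LDAP_BASE_DN` variable set once in get_config and reused by ldap.sh, matrix.sh and nextcloud.sh. The enclosing heredoc starts outside this hunk.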
@@ -97,8 +96,11 @@ kill -9 $SPINPID &> /dev/null echo -ne "done." } start_matrix() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/matrix/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "matrix" "nc -z 172.99.0.17 8008 &> /dev/null" + start_service "matrix" "nc -z $SERVICE_IP 8008 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/nextcloud.sh b/lib/nextcloud.sh index 7245721..92fc688 100644 --- a/lib/nextcloud.sh +++ b/lib/nextcloud.sh @@ -18,10 +18,6 @@ config_nextcloud() { mkdir -p /federated/apps/nextcloud/data/var/www/data &> /dev/null fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/nextcloud/docker-compose.yml < /federated/apps/nextcloud/.postgresql.secret echo "$ADMINPASS" > /federated/apps/nextcloud/.nextcloud.secret chmod 600 /federated/apps/nextcloud/.postgresql.secret /federated/apps/nextcloud/.nextcloud.secret 
@@ -162,11 +160,11 @@ PATH=/var/www/html:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/sbin:/bin /var/www/html/occ app:enable user_ldap /var/www/html/occ ldap:create-empty-config /var/www/html/occ ldap:set-config s01 ldapHost 'ldaps://ldap.$DOMAIN' -/var/www/html/occ ldap:set-config s01 ldapAgentName cn=admin,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST +/var/www/html/occ ldap:set-config s01 ldapAgentName cn=admin,dc=federatedcomputer,dc=cloud /var/www/html/occ ldap:set-config s01 ldapAgentPassword $LDAP_SECRET -/var/www/html/occ ldap:set-config s01 ldapBase ou=people,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST -/var/www/html/occ ldap:set-config s01 ldapBaseGroups ou=people,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST -/var/www/html/occ ldap:set-config s01 ldapBaseUsers ou=people,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST +/var/www/html/occ ldap:set-config s01 ldapBase ou=people,dc=federatedcomputer,dc=cloud +/var/www/html/occ ldap:set-config s01 ldapBaseGroups ou=people,dc=federatedcomputer,dc=cloud +/var/www/html/occ ldap:set-config s01 ldapBaseUsers ou=people,dc=federatedcomputer,dc=cloud /var/www/html/occ ldap:set-config s01 ldapEmailAttribute mail /var/www/html/occ ldap:set-config s01 ldapGidNumber gidNumber /var/www/html/occ ldap:set-config s01 ldapGroupDisplayName cn 
@@ -213,13 +211,13 @@ PATH=/var/www/html:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/sbin:/bin /var/www/html/occ app:enable forms /var/www/html/occ app:enable spreed /var/www/html/occ app:enable side_menu -/var/www/html/occ mail:account:create admin admin admin@$DOMAIN mail.$DOMAIN 993 ssl admin@$DOMAIN $ADMINPASS mail.$DOMAIN 465 ssl admin@$DOMAIN $ADMINPASS password /var/www/html/occ app:enable richdocuments /var/www/html/occ config:app:set --value https:\/\/collabora.$DOMAIN richdocuments public_wopi_url /var/www/html/occ config:app:set --value https:\/\/collabora.$DOMAIN richdocuments wopi_url /var/www/html/occ config:app:set --value ooxml richdocuments doc_format /var/www/html/occ config:app:set --value "" richdocuments disable_certificate_verification /var/www/html/occ config:import configs.json +/var/www/html/occ mail:account:create admin admin admin@$DOMAIN mail.$DOMAIN 993 ssl admin@$DOMAIN $ADMINPASS mail.$DOMAIN 465 ssl admin@$DOMAIN $ADMINPASS password EOF chmod +x /federated/apps/nextcloud/data/config.sh @@ -229,8 +227,11 @@ chmod +x /federated/apps/nextcloud/data/config.sh } start_nextcloud() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/nextcloud/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "nextcloud" "nc -z 172.99.0.16 80 &> /dev/null" + start_service "nextcloud" "nc -z $SERVICE_IP 80 &> /dev/null" # Move config.sh and sidemenu config, set config.sh executable mv /federated/apps/nextcloud/data/config.sh /federated/apps/nextcloud/data/configs.json /federated/apps/nextcloud/data/var/www/html/ diff --git a/lib/panel.sh b/lib/panel.sh index 1d3b6b5..dd0345c 100644 --- a/lib/panel.sh +++ b/lib/panel.sh 
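Review bot: The moved `occ mail:account:create ... $ADMINPASS ...` line keeps the admin password twice in config.sh, which is written with an expanding heredoc and then moved into /federated/apps/nextcloud/data/var/www/html/ by start_nextcloud, so the cleartext password persists inside the web root on disk after setup unless a later step removes it (none is visible in this diff). Remove it once it has run, for example `rm -f -- /federated/apps/nextcloud/data/var/www/html/config.sh` after the exec that runs it, or at least `chmod 600` the file before the move. Placing the account creation after `config:import configs.json` looks intentional, so that the mail app settings exist first; a one-line comment saying so would prevent the next reorder.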
@@ -13,10 +13,6 @@ config_panel() { mkdir -p /federated/apps/panel fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/panel/docker-compose.yml < /federated/apps/panel/.env < /dev/null echo -ne "done." } start_panel() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/panel/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "panel" "nc -z 172.99.0.21 80 &> /dev/null" + start_service "panel" "nc -z $SERVICE_IP 80 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/pdns.sh b/lib/pdns.sh index cddbfc3..e940bc7 100644 --- a/lib/pdns.sh +++ b/lib/pdns.sh @@ -25,7 +25,7 @@ services: restart: always networks: federated: - ipv4_address: 172.99.0.9 + ipv4_address: 172.99.0.11 ports: - "53:53" - "53:53/udp" @@ -79,7 +79,7 @@ curl -X PATCH --data '{"rrsets": [ {"name": "$DOMAIN.", "type": "MX", "ttl": 864 curl -X PATCH --data '{"rrsets": [ {"name": "$DOMAIN.", "type": "TXT", "ttl": 86400, "changetype": "REPLACE", "records": [ {"content": "\"v=spf1 mx a:$DOMAIN ~all\"", "disabled": false } ] } ] }' -H 'X-API-Key: $PDNS_APIKEY' http://127.0.0.1:8081/api/v1/servers/localhost/zones/$DOMAIN. # Create the A records for domain -for i in ns1 ns2 mail www computer panel nextcloud collabora jitsi matrix element listmonk vaultwarden vpn baserow gitea blog documentation; do +for i in ns1 ns2 pdnsadmin traefik mail www computer panel nextcloud collabora jitsi matrix element listmonk vaultwarden vpn wireguard baserow gitea blog documentation; do curl -X PATCH --data "{\"rrsets\": [ {\"name\": \"\$i.$DOMAIN.\", \"type\": \"A\", \"ttl\": 86400, \"changetype\": \"REPLACE\", \"records\": [ {\"content\": \"$EXTERNALIP\", \"disabled\": false } ] } ] }" -H 'X-API-Key: $PDNS_APIKEY' http://127.0.0.1:8081/api/v1/servers/localhost/zones/$DOMAIN. done 
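Review bot: The extended A-record loop in createrecords.sh still issues each `curl -X PATCH` without checking the result, so a rejected RRset (wrong API key, zone not yet created) leaves gaps that only surface later as NXDOMAIN for pdnsadmin, traefik or wireguard. Add `-fsS` and a check inside the loop, `curl -fsS -X PATCH ... || { echo "failed to add \$i.$DOMAIN" >&2; exit 1; }`, keeping the `\$i` escape the heredoc already uses. Because that heredoc expands at write time, `$PDNS_APIKEY` is embedded in cleartext in /federated/apps/pdns/data/root/createrecords.sh, so the file should be mode 600 or deleted after start_pdns has run it. Publishing `pdnsadmin.$DOMAIN` on the external IP exposes the DNS admin UI to the internet; the Traefik router for it in lib/pdnsadmin.sh should carry an authentication middleware or an IP allow-list, and nothing in this diff shows one.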
@@ -88,6 +88,8 @@ done # Create CNAME record for domain to www curl -X PATCH --data '{"rrsets": [ {"name": "*.$DOMAIN.", "type": "CNAME", "ttl": 86400, "changetype": "REPLACE", "records": [ {"content": "www.$DOMAIN.", "disabled": false } ] } ] }' -H 'X-API-Key: $PDNS_APIKEY' http://127.0.0.1:8081/api/v1/servers/localhost/zones/$DOMAIN. + +pdnsutil add-record $DOMAIN @ A 86400 $EXTERNALIP EOF chmod +x /federated/apps/pdns/data/root/createrecords.sh @@ -95,8 +97,11 @@ kill -9 $SPINPID &> /dev/null echo -ne "done." } start_pdns() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/pdns/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "pdns" "nc -z 172.99.0.9 8081 &> /dev/null" + start_service "pdns" "nc -z ${SERVICE_IP} 8081 &> /dev/null" # Run createrecords.sh inside baserow container docker exec -it pdns /root/createrecords.sh diff --git a/lib/pdnsadmin.sh b/lib/pdnsadmin.sh index de09d1d..b35611f 100644 --- a/lib/pdnsadmin.sh +++ b/lib/pdnsadmin.sh 
@@ -18,30 +18,30 @@ version: '3.7' services: pdnsadmin: - image: pschiffe/pdnsadmin-uwsgi\${IMAGE_VERSION} + image: pschiffe/pdns-admin-uwsgi\${IMAGE_VERSION} container_name: pdnsadmin hostname: pdnsadmin.$DOMAIN domainname: $DOMAIN restart: always networks: federated: - ipv4_address: 172.99.0.10 + ipv4_address: 172.99.0.12 env_file: - ./.env volumes: - ./data/etc/uwsgi.ini:/etc/uwsgi.ini labels: - "traefik.enable=true" - - "traefik.http.routers.listmonk.rule=Host(\`pdnsadmin.$DOMAIN\`)" - - "traefik.http.routers.listmonk.entrypoints=websecure" - - "traefik.http.routers.listmonk.tls.certresolver=letsencrypt" + - "traefik.http.routers.pdnsadmin.rule=Host(\`pdnsadmin.$DOMAIN\`)" + - "traefik.http.routers.pdnsadmin.entrypoints=websecure" + - "traefik.http.routers.pdnsadmin.tls.certresolver=letsencrypt" networks: federated: external: true EOF -MYSQL_PASSWORD=`grep MYSQL_PASSWORD /federated/apps/pdns-mysql/.env | awk -F= '{ print $2 }'` +MYSQL_PASSWORD=`grep MYSQL_PASSWORD /federated/apps/pdnsmysql/.env | awk -F= '{ print $2 }'` PDNS_APIKEY=`grep PDNS_api_key /federated/apps/pdns/.env | awk -F= '{ print $2 }'` PDNS_ADMIN_WEBSERVER_PASSWORD_SALT=`htpasswd -bnBC 10 "" $ADMINPASS | tr -d ':\n' | sed 's/$2y/$2b/'` PDNS_MYSQL_COMMAND="insert into user (id, username, password, firstname, lastname, email, otp_secret, role_id, confirmed) values (\"1\", \"admin\", \"$PDNS_ADMIN_WEBSERVER_PASSWORD_SALT\", \"Admin\", \"Federated\", \"admin@$DOMAIN\", \"\", \"1\", \"0\");" 
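Review bot: The MYSQL_PASSWORD line now reads the renamed pdnsmysql/.env, but its `awk -F= '{ print $2 }'` truncates the value at the first `=` and `grep MYSQL_PASSWORD` matches any key containing that substring; the adjacent PDNS_APIKEY line and the new PDNS_APIKEY line in lib/traefik.sh share the pattern. Whether create_password can produce `=` is not visible here, but the fix is cheap: `MYSQL_PASSWORD=$(grep '^MYSQL_PASSWORD=' /federated/apps/pdnsmysql/.env | cut -d= -f2-)` followed by `[ -n "$MYSQL_PASSWORD" ] || fail "MYSQL_PASSWORD not found in /federated/apps/pdnsmysql/.env"`. The image rename and the router labels changing from listmonk to pdnsadmin are straight fixes and need no further change.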
@@ -93,11 +93,14 @@ kill -9 $SPINPID &> /dev/null echo -ne "done." } start_pdnsadmin() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/pdnsadmin/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "pdnsadmin" "nc -z 172.99.0.10 9494 &> /dev/null" + start_service "pdnsadmin" "nc -z ${SERVICE_IP} 9494 &> /dev/null" # Run MySQL command to create admin user for pdns admin interface - docker exec -it pdns-mysql bash -c "mysql -updns -p$MYSQL_PASSWORD pdns -e '$PDNS_MYSQL_COMMAND;'" + docker exec -it pdnsmysql bash -c "mysql -updns -p$MYSQL_PASSWORD pdns -e '$PDNS_MYSQL_COMMAND;'" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/pdnsmysql.sh b/lib/pdnsmysql.sh index 4a815e4..e7e7bf8 100644 --- a/lib/pdnsmysql.sh +++ b/lib/pdnsmysql.sh @@ -25,7 +25,7 @@ services: restart: always networks: federated: - ipv4_address: 172.99.0.8 + ipv4_address: 172.99.0.10 env_file: - ./.env volumes: @@ -52,8 +52,11 @@ kill -9 $SPINPID &> /dev/null echo -ne "done." } start_pdnsmysql() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/pdnsmysql/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "pdnsmysql" "nc -z 172.99.0.8 3306 &> /dev/null" + start_service "pdnsmysql" "nc -z ${SERVICE_IP} 3306 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/postgresql.sh b/lib/postgresql.sh index b38f447..5010447 100644 --- a/lib/postgresql.sh +++ b/lib/postgresql.sh 
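Review bot: The renamed `docker exec -it pdnsmysql bash -c "mysql -updns -p$MYSQL_PASSWORD ..."` still puts the database password on a command line visible to every process in that container via ps, and the context line `htpasswd -bnBC 10 "" $ADMINPASS` in the previous hunk does the same with the admin password on the host, unquoted. Pass both through the environment or stdin: `docker exec -i -e MYSQL_PWD="$MYSQL_PASSWORD" pdnsmysql mysql -updns pdns -e "$PDNS_MYSQL_COMMAND"` (the command already ends in a semicolon, so the extra one appended today is unnecessary), and `PDNS_ADMIN_WEBSERVER_PASSWORD_SALT=$(printf '%s' "$ADMINPASS" | htpasswd -niBC 10 "" | tr -d ':\n' | sed 's/$2y/$2b/')`. The SQL insert is built by string interpolation from values this script generates, not from user input, so that is acceptable as long as the bcrypt hash (which contains `$`) keeps reaching mysql as a single argument rather than through another shell.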
@@ -11,8 +11,8 @@ config_postgresql() { if [ ! -d "/federated/apps/postgresql" ]; then mkdir -p /federated/apps/postgresql/data/var/lib/postgresql /federated/apps/postgresql/data/docker-entrypoint-initdb.d - cp /federated/apps/certs/certs/$DOMAIN.crt /federated/apps/postgresql/data/var/lib/postgresql/server.crt - cp /federated/apps/certs/private/$DOMAIN.key /federated/apps/postgresql/data/var/lib/postgresql/server.key + cp /federated/certs/certs/$DOMAIN.crt /federated/apps/postgresql/data/var/lib/postgresql/server.crt + cp /federated/certs/private/$DOMAIN.key /federated/apps/postgresql/data/var/lib/postgresql/server.key chown 999 /federated/apps/postgresql/data/var/lib/postgresql/server.crt /federated/apps/postgresql/data/var/lib/postgresql/server.key chmod 600 /federated/apps/postgresql/data/var/lib/postgresql/server.crt /federated/apps/postgresql/data/var/lib/postgresql/server.key fi @@ -29,7 +29,7 @@ services: restart: always networks: federated: - ipv4_address: 172.99.0.11 + ipv4_address: 172.99.0.14 volumes: - ./data/var/lib/postgresql/server.crt:/var/lib/postgresql/server.crt - ./data/var/lib/postgresql/server.key:/var/lib/postgresql/server.key @@ -74,7 +74,6 @@ VAULTWARDEN_SECRET=$(create_password); LISTMONK_SECRET=$(create_password); MATRIX_SECRET=$(create_password); BASEROW_SECRET=$(create_password); -CALCOM_SECRET=$(create_password); GITEA_SECRET=$(create_password); # cat postgresql/data/docker-entrypoint-initdb.d/init.sql @@ -94,9 +93,6 @@ GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix; CREATE USER baserow WITH PASSWORD '$BASEROW_SECRET'; CREATE DATABASE baserow; GRANT ALL PRIVILEGES ON DATABASE baserow TO baserow; -CREATE USER calcom WITH PASSWORD '$CALCOM_SECRET'; -CREATE DATABASE calcom; -GRANT ALL PRIVILEGES ON DATABASE calcom TO calcom; CREATE USER gitea WITH PASSWORD '$GITEA_SECRET'; CREATE DATABASE gitea; GRANT ALL PRIVILEGES ON DATABASE gitea TO gitea; 
@@ -106,8 +102,11 @@ kill -9 $SPINPID &> /dev/null echo -ne "done." } start_postgresql() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/postgresql/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "postgresql" "nc -z 172.99.0.11 5432 &> /dev/null" + start_service "postgresql" "nc -z ${SERVICE_IP} 5432 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/traefik.sh b/lib/traefik.sh index 6e0dc0d..7069794 100644 --- a/lib/traefik.sh +++ b/lib/traefik.sh @@ -27,7 +27,7 @@ services: restart: always networks: federated: - ipv4_address: 172.99.0.5 + ipv4_address: 172.99.0.13 command: # Tell Traefik to discover containers using the Docker API - --providers.docker=true @@ -75,6 +75,8 @@ networks: external: true EOF +PDNS_APIKEY=`grep PDNS_api_key /federated/apps/pdns/.env | awk -F= '{ print $2 }'` + cat > /federated/apps/traefik/.env < /federated/apps/vaultwarden/docker-compose.yml < /federated/apps/vaultwarden/.env < /dev/null echo -ne "done." } start_vaultwarden() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/vaultwarden/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "vaultwarden" "nc -z 172.99.0.20 80 &> /dev/null" + start_service "vaultwarden" "nc -z $SERVICE_IP 80 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done." diff --git a/lib/wireguard.sh b/lib/wireguard.sh index 5a1af40..22b031e 100644 --- a/lib/wireguard.sh +++ b/lib/wireguard.sh 
@@ -13,22 +13,18 @@ config_wireguard() { mkdir -p /federated/apps/wireguard/data/config fi - DOMAIN_ARRAY=(${DOMAIN//./ }) - DOMAIN_FIRST=${DOMAIN_ARRAY[0]} - DOMAIN_LAST=${DOMAIN_ARRAY[1]} - cat > /federated/apps/wireguard/docker-compose.yml < /federated/apps/wireguard/.env < /dev/null echo -ne "done." } start_wireguard() { + # Grab the container IP from docker-compose above + SERVICE_IP=`grep ipv4_address /federated/apps/wireguard/docker-compose.yml | awk '{ print $2 }'` + # Start service with command to make sure it's up before proceeding - start_service "wireguard" "nc -uvz 172.99.0.22 51820 &> /dev/null" + start_service "wireguard" "nc -uvz $SERVICE_IP 51820 &> /dev/null" kill -9 $SPINPID &> /dev/null echo -ne "done."