diff --git a/flake.nix b/flake.nix
index 7b6d41f..5e71f57 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,6 @@
 # flake for blakes nixos config
 # define new devices in outputs
-# generation: 52 current  2025-10-07 21:09:55  25.05.20251001.5b5be50  6.12.49                          *
+# generation: 53 current  2025-10-07 21:21:52  25.05.20251001.5b5be50  6.12.49                          *
 {
   description = "blakes nix config";
   inputs = {
diff --git a/hosts/snowbelle/configuration.nix b/hosts/snowbelle/configuration.nix
index 99db79b..1ad6823 100644
--- a/hosts/snowbelle/configuration.nix
+++ b/hosts/snowbelle/configuration.nix
@@ -31,6 +31,7 @@
     services = {
       jellyfin.enable = true;
       vaultwarden.enable = true;
+      vaultwarden.port = 7701;
       sonarr.enable = true;
       sonarr.port = 7105;
       prowlarr.enable = true;
diff --git a/modules/homelab/services/arr/prowlarr/default.nix b/modules/homelab/services/arr/prowlarr/default.nix
index ada1f87..c5b1ef0 100644
--- a/modules/homelab/services/arr/prowlarr/default.nix
+++ b/modules/homelab/services/arr/prowlarr/default.nix
@@ -13,7 +13,7 @@ in
     # set port options
     port = lib.mkOption {
       type = lib.types.int;
-      default = cfg.default_port;
+      default = default_port;
       description = "set port for prowlarr (default: ${toString default_port}";
     };
 
diff --git a/modules/homelab/services/arr/sonarr/default.nix b/modules/homelab/services/arr/sonarr/default.nix
index da7768f..f43d01a 100644
--- a/modules/homelab/services/arr/sonarr/default.nix
+++ b/modules/homelab/services/arr/sonarr/default.nix
@@ -12,7 +12,7 @@ in
 
     port = lib.mkOption {
       type = lib.types.int;
-      default = 8989;
+      default = default_port;
       description = "set port for sonarr (${toString default_port})";
     };
 
diff --git a/modules/homelab/services/vaultwarden/default.nix b/modules/homelab/services/vaultwarden/default.nix
index 83610fb..fdee499 100644
--- a/modules/homelab/services/vaultwarden/default.nix
+++ b/modules/homelab/services/vaultwarden/default.nix
@@ -3,8 +3,9 @@
 let
   cfg = config.modules.services.vaultwarden;
   ids = 2771;
-  default_port = 7701;
+  default_port = 8000;
   data_dir = "/var/lib/vaultwarden";
+  domain = https://pass.blakedheld.xyz
 in
 {
   options.modules.services.vaultwarden = {
@@ -43,6 +44,22 @@ in
     # enable the vaultwarden service
     services.vaultwarden = {
       enable = true;
+      config = {
+        DOMAIN=${domain};
+        ROCKET_ADDRESS = "0.0.0.0";
+        ROCKET_PORT = ${port};
+        SIGNUPS_ALLOWED=true;
+#       EXPERIMENTAL_CLIENT_FEATURE_FLAGS=fido2-vault-credentials
+          # The following flags are available:
+          # - "autofill-overlay": Add an overlay menu to form fields for quick access to credentials.
+          # - "autofill-v2": Use the new autofill implementation.
+          # - "browser-fileless-import": Directly import credentials from other providers without a file.
+          # - "extension-refresh": Temporarily enable the new extension design until general availability (should be used with the beta Chrome extension)
+          # - "fido2-vault-credentials": Enable the use of FIDO2 security keys as second factor.
+          # - "inline-menu-positioning-improvements": Enable the use of inline menu password generator and identity suggestions in the browser extension.
+          # - "ssh-key-vault-item": Enable the creation and use of SSH key vault items. (Needs clients >=2024.12.0)
+          # - "ssh-agent": Enable SSH agent support on Desktop. (Needs desktop >=2024.12.0)
+      };
     };
 
     # override umask to make permissions work out