diff --git a/modules/homelab/services/arr/bazarr/default.nix b/modules/homelab/services/arr/bazarr/default.nix
index 83a20d0..1c632b7 100644
--- a/modules/homelab/services/arr/bazarr/default.nix
+++ b/modules/homelab/services/arr/bazarr/default.nix
@@ -75,7 +75,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/arr/flaresolverr/default.nix b/modules/homelab/services/arr/flaresolverr/default.nix
index 99dc0c1..f5104f1 100644
--- a/modules/homelab/services/arr/flaresolverr/default.nix
+++ b/modules/homelab/services/arr/flaresolverr/default.nix
@@ -71,7 +71,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
   };
diff --git a/modules/homelab/services/arr/prowlarr/default.nix b/modules/homelab/services/arr/prowlarr/default.nix
index bbaa530..a38baa2 100644
--- a/modules/homelab/services/arr/prowlarr/default.nix
+++ b/modules/homelab/services/arr/prowlarr/default.nix
@@ -77,7 +77,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/arr/radarr/default.nix b/modules/homelab/services/arr/radarr/default.nix
index 79ce04a..54f3e73 100644
--- a/modules/homelab/services/arr/radarr/default.nix
+++ b/modules/homelab/services/arr/radarr/default.nix
@@ -80,7 +80,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/arr/sonarr/default.nix b/modules/homelab/services/arr/sonarr/default.nix
index 32e6cad..47bab4b 100644
--- a/modules/homelab/services/arr/sonarr/default.nix
+++ b/modules/homelab/services/arr/sonarr/default.nix
@@ -78,7 +78,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/audiobookshelf/default.nix b/modules/homelab/services/audiobookshelf/default.nix
index 1fcc25e..f1b4980 100644
--- a/modules/homelab/services/audiobookshelf/default.nix
+++ b/modules/homelab/services/audiobookshelf/default.nix
@@ -81,12 +81,6 @@ in
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
         reverse_proxy 127.0.0.1:${toString cfg.port} {
-          stream_timeout 24h
-          stream_close_delay 5m
-          transport http {
-            tls
-            tls_insecure_skip_verify
-          }
         }
       '';
     };
diff --git a/modules/homelab/services/caddy/default.nix b/modules/homelab/services/caddy/default.nix
index e7f5e37..d7080ea 100644
--- a/modules/homelab/services/caddy/default.nix
+++ b/modules/homelab/services/caddy/default.nix
@@ -46,7 +46,7 @@ in
       dataDir = cfg.data_dir;
       email = "me@blakedheld.xyz";
       globalConfig = ''
-#        auto_https ignore_loaded_certs
+        auto_https ignore_loaded_certs
       '';
       
       virtualHosts."key.${homelab.public_domain}" = {
diff --git a/modules/homelab/services/gitea/default.nix b/modules/homelab/services/gitea/default.nix
index 6787278..48248ab 100644
--- a/modules/homelab/services/gitea/default.nix
+++ b/modules/homelab/services/gitea/default.nix
@@ -95,8 +95,9 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       serverAliases = [ "git.${homelab.public_domain}" ];
       extraConfig = ''
-#        tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
+        reverse_proxy localhost:${toString cfg.port} {
+        }
       '';
     };
 
diff --git a/modules/homelab/services/glance/default.nix b/modules/homelab/services/glance/default.nix
index c60e368..0f055b3 100644
--- a/modules/homelab/services/glance/default.nix
+++ b/modules/homelab/services/glance/default.nix
@@ -236,7 +236,7 @@ in
 #      serverAliases = [ "${homelab.public_domain}" ];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/home/homeassistant/default.nix b/modules/homelab/services/home/homeassistant/default.nix
index 77967a0..a1b40b9 100644
--- a/modules/homelab/services/home/homeassistant/default.nix
+++ b/modules/homelab/services/home/homeassistant/default.nix
@@ -92,7 +92,7 @@ in
       serverAliases = [ "${service}.${homelab.public_domain}" ];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/home/zigbee2mqtt/default.nix b/modules/homelab/services/home/zigbee2mqtt/default.nix
index 4316d64..0eed28b 100644
--- a/modules/homelab/services/home/zigbee2mqtt/default.nix
+++ b/modules/homelab/services/home/zigbee2mqtt/default.nix
@@ -99,7 +99,7 @@ in
       serverAliases = [ "z2m.${homelab.public_domain}" ];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/immich/default.nix b/modules/homelab/services/immich/default.nix
index 865228c..19c055e 100644
--- a/modules/homelab/services/immich/default.nix
+++ b/modules/homelab/services/immich/default.nix
@@ -80,7 +80,7 @@ in
       serverAliases = [ "photos.${homelab.public_domain}" ];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/jellyfin/default.nix b/modules/homelab/services/jellyfin/default.nix
index 79f968c..74ff737 100644
--- a/modules/homelab/services/jellyfin/default.nix
+++ b/modules/homelab/services/jellyfin/default.nix
@@ -76,7 +76,7 @@ in
       serverAliases = [ "media.${homelab.public_domain}" ];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/qbittorrent/default.nix b/modules/homelab/services/qbittorrent/default.nix
index 8920f50..6de1df3 100644
--- a/modules/homelab/services/qbittorrent/default.nix
+++ b/modules/homelab/services/qbittorrent/default.nix
@@ -113,7 +113,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/uptime-kuma/default.nix b/modules/homelab/services/uptime-kuma/default.nix
index d6dfb5e..560b06f 100644
--- a/modules/homelab/services/uptime-kuma/default.nix
+++ b/modules/homelab/services/uptime-kuma/default.nix
@@ -76,7 +76,7 @@ in
     services.caddy.virtualHosts."${cfg.url}" = {
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/vaultwarden/default.nix b/modules/homelab/services/vaultwarden/default.nix
index cfb366c..5dcd989 100644
--- a/modules/homelab/services/vaultwarden/default.nix
+++ b/modules/homelab/services/vaultwarden/default.nix
@@ -89,7 +89,7 @@ in
       serverAliases = [ "pass.${homelab.public_domain}" ];
       extraConfig = ''
         tls /etc/ssl/blakedheld.xyz.crt /etc/ssl/blakedheld.xyz.key
-        reverse_proxy http://127.0.0.1:${toString cfg.port}
+        reverse_proxy 127.0.0.1:${toString cfg.port}
       '';
     };
 
diff --git a/modules/homelab/services/yacreader/default.nix b/modules/homelab/services/yacreader/default.nix
index 230356a..750ce11 100644
--- a/modules/homelab/services/yacreader/default.nix
+++ b/modules/homelab/services/yacreader/default.nix
@@ -79,13 +79,22 @@ in
     # open firewall
     networking.firewall.allowedTCPPorts = [ cfg.port ];
 
+    # add to caddy for reverse proxy
+    services.caddy.virtualHosts."${cfg.url}" = {
+      extraConfig = ''
+        tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
+        reverse_proxy 127.0.0.1:${toString cfg.port} {
+        }
+      '';
+    };
+
    # add to glance local service
     modules.services.glance.links.mediastack = [{
       title = service;
       url = "https://${cfg.url}";
       error-url = "http://${homelab.host_ip}:${toString cfg.port}";
       check-url = "http://${homelab.host_ip}:${toString cfg.port}";
-      icon = "di:${service}"; }];
+      icon = "di:yac-reader"; }];
 
 #    sops.secrets = {
 #      "${service}_" = {