diff --git a/hosts/chocolatebar/chocolatebar.nix b/hosts/chocolatebar/chocolatebar.nix
index 6819481b..bb13dce9 100644
--- a/hosts/chocolatebar/chocolatebar.nix
+++ b/hosts/chocolatebar/chocolatebar.nix
@@ -23,7 +23,7 @@ in
     pub-solar.core.hibernation.resumeOffset = 115075072;
 
     services.openssh.openFirewall = true;
-    networking.firewall.allowedTCPPorts = mkIf psCfg.sway.vnc.enable [ 5901 ];
+    networking.firewall.allowedTCPPorts = [ 443 ] ++ (if psCfg.sway.vnc.enable then [ 5901 ] else [ ]);
 
     environment.systemPackages = with pkgs; [
       wayvnc
@@ -55,5 +55,10 @@ in
         NIX_CC = "${pkgs.stdenv.cc}";
       };
     };
+
+    # For OpenProject development with https
+    security.pki.certificates = [
+      (builtins.readFile ./step-roots.pem)
+    ];
   };
 }
diff --git a/hosts/chocolatebar/step-roots.pem b/hosts/chocolatebar/step-roots.pem
new file mode 100644
index 00000000..0e90e42d
--- /dev/null
+++ b/hosts/chocolatebar/step-roots.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB6DCCAY2gAwIBAgIQD4Q4blCl/ZrTIRU2QpqEOTAKBggqhkjOPQQDAjBSMSMw
+IQYDVQQKExpPcGVuUHJvamVjdCBEZXZlbG9wbWVudCBDQTErMCkGA1UEAxMiT3Bl
+blByb2plY3QgRGV2ZWxvcG1lbnQgQ0EgUm9vdCBDQTAeFw0yMjEwMTgxMTE1NDBa
+Fw0zMjEwMTUxMTE1NDBaMFIxIzAhBgNVBAoTGk9wZW5Qcm9qZWN0IERldmVsb3Bt
+ZW50IENBMSswKQYDVQQDEyJPcGVuUHJvamVjdCBEZXZlbG9wbWVudCBDQSBSb290
+IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEu4rN0lOtgxoC83UKONMy2Ns7
+tI0/u6qPp/Cw92xhaTdh/X9ZWKqIhp2VGj2HUJOOfQXrFew7jbLGOvvoXib0Y6NF
+MEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYE
+FPjV1zK2GZu8x4uR0QDotk5kNinEMAoGCCqGSM49BAMCA0kAMEYCIQDS2OpCnHM7
+RV7fFHT3KsG3q4lA3dJUKGighQaQ2qOwNwIhAOMmWGWd3EaD87q4RROyVt3h7vIN
+nMJRu7L9il84hFF2
+-----END CERTIFICATE-----
diff --git a/users/ben/default.nix b/users/ben/default.nix
index f35dc74a..ce609813 100644
--- a/users/ben/default.nix
+++ b/users/ben/default.nix
@@ -38,12 +38,22 @@ in
       audio.spotify.username = "spotify@benjaminbaedorf.eu";
     };
 
-    networking.hosts = {
-      "127.0.0.1" = [
-        "openproject.local"
-        "saas-1.openproject.local"
-        "transmission.local"
-      ];
-    };
+    # Needed for the udev rules for solaar
+    hardware.logitech.wireless.enable = true;
+    networking.hosts =
+      let
+        localDomains = [
+          "openproject.local"
+          "traefik.local"
+          "nextcloud.local"
+          "step.local"
+          "saas-1.openproject.local"
+          "transmission.local"
+        ];
+      in
+      {
+        "127.0.0.1" = localDomains;
+        "::1" = localDomains;
+      };
   };
 }