diff --git a/nixos/server.nix b/nixos/server.nix
index ec583dce..6acb0455 100644
--- a/nixos/server.nix
+++ b/nixos/server.nix
@@ -20,7 +20,7 @@
     # Services
     ./services/openssh.nix
     ./server/acme.nix
-    ./server/ddclient.nix
+    ./server/cloudflared.nix
     ./server/docker.nix
     ./server/firewall.nix
     ./server/gitea.nix
diff --git a/nixos/server/cloudflared.nix b/nixos/server/cloudflared.nix
new file mode 100644
index 00000000..289b354d
--- /dev/null
+++ b/nixos/server/cloudflared.nix
@@ -0,0 +1,16 @@
+{pkgs, outputs, ...}: {
+  services.cloudflared = {
+    enable = true;
+    tunnels = {
+      "${outputs.secrets.flareTunnelName}" = {
+        credentialsFile = "${pkgs.writeText "credentials" outputs.secrets.flareTunnelApi}";
+        default = "http_status:404";
+        ingress = {
+          "*.${outputs.secrets.jimDomain}" = {
+            service = "https://localhost:443";
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/secrets.nix b/secrets.nix
index dea9ce7d..fb5c7674 100644
Binary files a/secrets.nix and b/secrets.nix differ