diff --git a/machines/web01/linkal/module.nix b/machines/web01/linkal/module.nix
index 9162607..63da24a 100644
--- a/machines/web01/linkal/module.nix
+++ b/machines/web01/linkal/module.nix
@@ -48,39 +48,39 @@ in {
       }) cfg.calendarGroups;
 
     # Configure bind for DNS certificate validation on *.cal.dgnum.eu.
-    services.bind = {
-      enable = true;
-      ipv4Only = true;
-      extraConfig = ''
-        include "${config.age.secrets."named-bind_dnskeys_conf".path}";
-      '';
-
-      zones = [rec {
-        name = "cal.dgnum.eu";
-        file = "/var/db/bind/${name}";
-        master = true;
-        extraConfig = ''
-          allow-update { key "rfc2136key.cal.dgnum.eu"; };
-        '';
-      }];
-    };
-
-    networking.firewall = {
-      allowedTCPPorts = [ 53 ];
-      allowedUDPPorts = [ 53 ];
-    };
-
-    dgn-secrets.options = [{ named-bind_dnskeys_conf.owner = "named"; }];
-
-    # Configure ACME for DNS certificate validation
-    security.acme = {
-      acceptTerms = true;
-      defaults = {
-        dnsProvider = "rfc2136";
-        credentialsFile = config.age.secrets."acme-certs_secret".path;
-        dnsPropagationCheck = false;
-      };
-    };
+    # services.bind = {
+    #   enable = true;
+    #   ipv4Only = true;
+    #   extraConfig = ''
+    #     include "${config.age.secrets."named-bind_dnskeys_conf".path}";
+    #   '';
+    #
+    #   zones = [rec {
+    #     name = "cal.dgnum.eu";
+    #     file = "/var/db/bind/${name}";
+    #     master = true;
+    #     extraConfig = ''
+    #       allow-update { key "rfc2136key.cal.dgnum.eu"; };
+    #     '';
+    #   }];
+    # };
+    #
+    # networking.firewall = {
+    #   allowedTCPPorts = [ 53 ];
+    #   allowedUDPPorts = [ 53 ];
+    # };
+    #
+    # dgn-secrets.options = [{ named-bind_dnskeys_conf.owner = "named"; }];
+    #
+    # # Configure ACME for DNS certificate validation
+    # security.acme = {
+    #   acceptTerms = true;
+    #   defaults = {
+    #     dnsProvider = "rfc2136";
+    #     credentialsFile = config.age.secrets."acme-certs_secret".path;
+    #     dnsPropagationCheck = false;
+    #   };
+    # };
 
     services.nginx = {
       enable = true;
@@ -89,7 +89,7 @@ in {
         { port, ... }:
         nameValuePair "${name}.${cfg.domain}" {
           enableACME = true;
-          acmeRoot = null; # Use DNS-01 validation
+          # acmeRoot = null; # Use DNS-01 validation
           forceSSL = true;
 
           locations."/".proxyPass =