diff --git a/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix b/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
index 13e93d1..859216c 100644
--- a/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
+++ b/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
@@ -94,7 +94,7 @@ in {
             acmeRoot = null;
             forceSSL = true;
             locations."/".proxyWebsockets = true;
-            locations."/".proxyPass = "http://${mini_watcher}:13378";
+            locations."/".proxyPass = "http://${backend_ip}:13378";
           };
           "atuin.${home_domain}" = {
             listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
diff --git a/modules/hosts/nixos/nixnuc/default.nix b/modules/hosts/nixos/nixnuc/default.nix
index 82e73ba..4dc82ed 100644
--- a/modules/hosts/nixos/nixnuc/default.nix
+++ b/modules/hosts/nixos/nixnuc/default.nix
@@ -43,7 +43,7 @@
 
   networking = {
     # Open ports in the firewall.
-    firewall.allowedTCPPorts = [ 22 80 ];
+    firewall.allowedTCPPorts = [ 22 80 13378];
     # firewall.allowedUDPPorts = [ ... ];
     # Or disable the firewall altogether.
     # firewall.enable = false;
@@ -60,7 +60,11 @@
     };
     interfaces = {
       eno1.useDHCP = true;
-      br1-23.useDHCP = false;
+      br1-23 = {
+        useDHCP = false;
+        # This enables the container attached to the bridge to be reachable
+        ipv4.routes = [{ address = "192.168.23.21"; prefixLength = 32; }];
+      };
     };
   };