diff --git a/hosts/morax/default.nix b/hosts/morax/default.nix
index aa1459c..1e653d0 100755
--- a/hosts/morax/default.nix
+++ b/hosts/morax/default.nix
@@ -11,6 +11,17 @@
 ../../host-secrets.nix
 ];
+ # Enable modules
+ modules.caddy.enable = true;
+ modules.garage.enable = true;
+
+ modules.caddy = {
+ email = "ana@nekomimi.pet";
+ reverseProxies = {
+ "s3.nkp.pet" = ["valefar:3900" "morax:3900"];
+ };
+ };
+
 system.stateVersion = "25.05";
 nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
diff --git a/hosts/morax/hardware.nix b/hosts/morax/hardware.nix
index 932aab3..79a2a14 100755
--- a/hosts/morax/hardware.nix
+++ b/hosts/morax/hardware.nix
@@ -18,6 +18,11 @@
 fsType = "ext4";
 };
+ fileSystems."/garage" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+
 swapDevices = [ ];
 # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
diff --git a/modules/caddy/default.nix b/modules/caddy/default.nix
index 1a073f9..674325b 100755
--- a/modules/caddy/default.nix
+++ b/modules/caddy/default.nix
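Review bot: Both upstreams for `s3.nkp.pet` are bare `host:port` entries, so Caddy terminates TLS on morax and forwards the S3 traffic to `valefar:3900` as plaintext HTTP over whatever link joins the two hosts, and nothing in this hunk shows that link being private. If the hosts talk over a mesh VPN or an isolated LAN that is acceptable; otherwise the cross-host upstream should be `https://valefar:3900` with garage serving TLS, or the garage API should be bound to a tunnel/loopback address. Either way the assumption is worth recording next to the entry, e.g. `# garage S3 API on both nodes; Caddy -> valefar is plaintext HTTP and relies on the inter-host link being private`.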
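Review bot: `device = "/dev/sda1"` identifies the garage data disk by kernel enumeration order, which is not stable across reboots, especially if this is an external disk on an aarch64 board; after a reorder the mount either fails (the default, dropping boot into emergency mode) or, worse, attaches some other ext4 partition under `/garage`. Use a persistent identifier instead, `device = "/dev/disk/by-uuid/<uuid>";` or `/dev/disk/by-label/garage` after labelling the filesystem, which is presumably how the root filesystem just above in this file is already declared. If `options = [ "nofail" ]` is ever added to this mount, keep in mind that garage would then start on an empty `/garage` directory on the root filesystem rather than failing loudly.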
@@ -8,11 +8,58 @@ with lib;
 let
 cfg = config.modules.caddy;
 caddyMetricsPort = 2019;
+
+ # Generate Caddyfile content from the proxy configuration
+ generateCaddyfile = proxies:
+ let
+ proxyEntries = mapAttrsToList (domain: upstreams:
+ let
+ upstreamList = if isList upstreams then upstreams else [upstreams];
+ upstreamStr = concatStringsSep " " upstreamList;
+ in ''
+ ${domain} {
+ reverse_proxy ${upstreamStr}
+
+ # Optional: Add some common headers for better proxying
+ header_up Host {upstream_hostport}
+ header_up X-Real-IP {remote_host}
+ header_up X-Forwarded-For {remote_host}
+ header_up X-Forwarded-Proto {scheme}
+ }
+ '') proxies;
+ in
+ concatStringsSep "\n\n" proxyEntries;
+
 in {
 options = {
 modules = {
- caddy = { enable = mkEnableOption "Deploy Caddy"; };
+ caddy = {
+ enable = mkEnableOption "Deploy Caddy";
+
+ reverseProxies = mkOption {
+ type = types.attrsOf (types.either types.str (types.listOf types.str));
+ default = {};
+ description = "Attribute set of domain to upstream mappings for reverse proxying. Upstreams can be a single string or a list of strings for load balancing.";
+ example = {
+ "notes.nekomimi.pet" = "valefar:3009";
+ "git.nekomimi.pet" = ["morax:3000" "valefar:3000"]; # Load balance between multiple upstreams
+ "api.nekomimi.pet" = ["server1:8080" "server2:8080" "server3:8080"];
+ };
+ };
+
+ extraConfig = mkOption {
+ type = types.lines;
+ default = "";
+ description = "Extra Caddyfile configuration to append";
+ };
+
+ email = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = "Email address for ACME certificate registration";
+ };
+ };
 };
 };
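Review bot: In `generateCaddyfile` the four `header_up` lines are emitted directly inside the site block, but `header_up` is only valid as a subdirective of `reverse_proxy`, so the generated Caddyfile is rejected when Caddy adapts it ("unrecognized directive: header_up") and the service will not start on any host that sets `reverseProxies`. The fix is to open a block on the proxy line and put the header inside it: `reverse_proxy ${upstreamStr} {` / `header_up X-Real-IP {remote_host}` / `}`. The other three headers should be dropped rather than moved: `reverse_proxy` already sets `X-Forwarded-For` and `X-Forwarded-Proto` and passes the client's `Host` through by default, whereas `header_up Host {upstream_hostport}` rewrites it to something like `valefar:3900`, which breaks any backend that routes on the requested hostname (virtual-hosted S3 buckets in garage, for one). Separately, `domain` and the upstream strings are interpolated into the Caddyfile verbatim; since they come from operator-controlled Nix options this is not an injection exposure, but a space or brace in a value silently changes the config structure, so the `reverseProxies` description should say values are inserted unquoted.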
@@ -29,10 +76,22 @@ in
 services.caddy = {
 enable = true;
- /* package = pkgs.caddy.withPlugins {
- plugins = [ "github.com/caddy-dns/cloudflare@v0.0.0-20240703190432-89f16b99c18e"];
- hash = "sha256-JVkUkDKdat4aALJHQCq1zorJivVCdyBT+7UhqTvaFLw=";
+ /*package = pkgs.caddy.withPlugins {
+ plugins = [ "github.com/caddy-dns/cloudflare@v0.2.1"];
+ hash = "sha256-1niaf801sijvjrqvw998y8x7b43a0g162h3ry530qwl8lrgkapii";
 };*/
+
+ extraConfig = ''
+ ${optionalString (cfg.email != null) ''
+ {
+ email ${cfg.email}
+ }
+ ''}
+
+ ${generateCaddyfile cfg.reverseProxies}
+
+ ${cfg.extraConfig}
+ '';
 };
 systemd.services.caddy = {
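Review bot: The `{ email … }` block written into `extraConfig` is a Caddyfile global options block, and the NixOS `services.caddy` module already emits its own global options block (built from `services.caddy.globalConfig`, which carries the default log settings) ahead of `extraConfig`; Caddy accepts only one such block and only as the first block in the file, so a host that sets `modules.caddy.email` produces a Caddyfile that fails to adapt. Use the option the module already provides instead, `services.caddy.email = cfg.email;` (it is `nullOr str`, so a `null` passes straight through), and remove the hand-rolled block from `extraConfig`. The commented-out `hash = "sha256-1niaf8…"` glues an SRI `sha256-` prefix onto a 52-character nix32 digest, which `withPlugins` will reject if that block is ever re-enabled; it should be a real SRI hash, or simply `hash = "";` so Nix reports the correct value. The `systemd.services.caddy = {` block opened on the last line continues outside this hunk.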