diff --git a/homelab/Caddyfile b/homelab/Caddyfile
index 9c01f80..f69db64 100644
--- a/homelab/Caddyfile
+++ b/homelab/Caddyfile
@@ -9,11 +9,11 @@
   }
 }
 
-http://git.woozle.org {
+git.woozle.org {
   reverse_proxy gitea:3000
 }
 
-http://drive.woozle.org {
+drive.woozle.org {
   import restricted-access
 
   # XXX: browsing says method not allowed
@@ -31,7 +31,7 @@ http://drive.woozle.org {
 }
 
 # XXX: have this use caddy auth
-http://ancestry.woozle.org {
+ancestry.woozle.org {
   reverse_proxy geneweb:2317
 }
 
@@ -40,7 +40,7 @@ http://ancestry.woozle.org {
 ## handle_path truncates path
 ##
 
-http://deergrove.woozle.org, http://sweetums.lan {
+deergrove.woozle.org, sweetums.lan {
   handle /transmission/* {
     import restricted-access
     reverse_proxy host.docker.internal:9091
diff --git a/homelab/docker-compose.yaml b/homelab/docker-compose.yaml
index ab21919..f3af973 100644
--- a/homelab/docker-compose.yaml
+++ b/homelab/docker-compose.yaml
@@ -6,8 +6,9 @@ services:
     entrypoint:
       - /usr/bin/ssh
       - -N
-      - -R :5880:caddy:80
+      - -R 172.17.0.1:5880:caddy:80 # 172.17.0.1 = docker host IP
       - -R :5822:host.docker.internal:22
+      - -o ServerAliveInterval=30
       - core@melville.woozle.org
     extra_hosts:
       - host.docker.internal:host-gateway
@@ -53,7 +54,7 @@ services:
       - host.docker.internal:host-gateway
 
   simpleauth:
-    image: ghcr.io/nealey/simpleauth
+    image: git.woozle.org/neale/simpleauth
     command:
       - -secret
       - /run/secrets/simpleauth.key
@@ -93,6 +94,8 @@ services:
 
   sonarr:
     image: lscr.io/linuxserver/sonarr
+    extra_hosts:
+      - host.docker.internal:host-gateway
     volumes:
       - type: bind
         source: /srv/sys/sonarr
@@ -105,6 +108,8 @@ services:
         target: /srv/incoming
   radarr:
     image: lscr.io/linuxserver/radarr
+    extra_hosts:
+      - host.docker.internal:host-gateway
     volumes:
       - type: bind
         source: /srv/sys/radarr
@@ -117,6 +122,8 @@ services:
         target: /srv/incoming
   lidarr:
     image: lscr.io/linuxserver/lidarr
+    extra_hosts:
+      - host.docker.internal:host-gateway
     volumes:
       - type: bind
         source: /srv/sys/lidarr
@@ -129,6 +136,8 @@ services:
         target: /srv/incoming
   readarr:
     image: lscr.io/linuxserver/readarr:develop
+    extra_hosts:
+      - host.docker.internal:host-gateway
     volumes:
       - type: bind
         source: /srv/sys/readarr
@@ -144,6 +153,8 @@ services:
         target: /srv/incoming
   prowlarr:
     image: lscr.io/linuxserver/prowlarr:develop
+    extra_hosts:
+      - host.docker.internal:host-gateway
     volumes:
       - type: bind
         source: /srv/sys/prowlarr
@@ -248,7 +259,7 @@ configs:
     name: dave.yaml-v3
   Caddyfile:
     file: Caddyfile
-    name: Caddyfile-v69
+    name: Caddyfile-v70
   index.html:
     file: www/index.html
     name: index.html-v32
diff --git a/melville/docker-compose.yaml b/melville/docker-compose.yaml
index adac217..6f9e543 100644
--- a/melville/docker-compose.yaml
+++ b/melville/docker-compose.yaml
@@ -23,6 +23,18 @@ services:
       - source: Caddyfile
         target: /etc/caddy/Caddyfile
 
+  simpleauth:
+    image: zix99/simple-auth
+    environment: 
+      SA_WEB_LOGIN_COOKIE_JWT_SIGNINGKEY: a-unqiue-signing-key
+      SA_VERBOSE: 'true'
+      SA_WEB_LOGIN_SETTINGS_ROUTEONLOGIN: "/"
+      SA_AUTHENTICATORS_VOUCH_ENABLED: 'true'
+    volumes:
+      - type: volume
+        source: sadb
+        target: /var/lib/simple-auth
+
   vail:
     image: ghcr.io/nealey/vail:main