diff --git a/newinfra/nix/hive.nix b/newinfra/nix/hive.nix
index 663cc33..6136020 100644
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@@ -17,7 +17,7 @@
 # machinesFile = ./machines.client-a;
 };
- defaults = { pkgs, ... }: {
+ defaults = { pkgs, config, lib, ... }: {
 # This module will be imported by all hosts
 environment.systemPackages = with pkgs; [
 vim
@@ -31,6 +31,7 @@
 "${builtins.fetchTarball "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz"}/modules/age.nix" # main 2024-07-26
 ];
+ deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";
 time.timeZone = "Europe/Zurich";
 users.users.root.openssh.authorizedKeys.keys = [
 ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils''
 ];
@@ -43,22 +44,15 @@
 dns1 = { name, nodes, modulesPath, ... }: {
 imports = [
 (modulesPath + "/profiles/qemu-guest.nix")
+ ./modules/contabo
 ./modules/dns
 ];
 # The name and nodes parameters are supported in Colmena,
 # allowing you to reference configurations in other nodes.
 networking.hostName = name;
-
- deployment.targetHost = "dns1.nilstrieb.dev";
 deployment.tags = [ "dns" "us" ];
- system.stateVersion = "23.11";
-
- boot.loader.grub.device = "/dev/sda";
- boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
- boot.initrd.kernelModules = [ "nvme" ];
- fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
 };
 dns2 = { name, nodes, modulesPath, lib, ... }: {
 imports = [
@@ -66,13 +60,8 @@
 ./modules/dns
 ];
- # The name and nodes parameters are supported in Colmena,
- # allowing you to reference configurations in other nodes.
 networking.hostName = name;
-
- deployment.targetHost = "dns2.nilstrieb.dev";
 deployment.tags = [ "dns" "eu" ];
- system.stateVersion = "23.11";
 boot.loader.grub.device = "/dev/sda";
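Review bot: The `deployment.targetHost` added to `defaults` makes every deploy resolve `<hostName>.infra.noratrieb.dev`, and the `infra.subdomains` hunk in modules/dns/noratrieb.dev.nix in this same commit appears to be what publishes that zone, so the deploy path now depends on the dns1/dns2 nodes it would be used to repair; if those nodes are down or the zone is wrong there is no reachable target left. The rename away from the `dns1.nilstrieb.dev`-style names also means existing `known_hosts` entries keyed on the old names no longer apply, so the first deploy to each new name trusts whichever host key answers unless the deploying machine pins them (for example with `programs.ssh.knownHosts` on the deployer or a checked-in known_hosts file). I would add a comment on the new line, `# Resolves through our own dns1/dns2 zone; override per node (e.g. with a raw IP) when bootstrapping or when the DNS nodes are unreachable.`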
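Review bot: `system.stateVersion = "23.11";` is removed from dns1 in this hunk and from dns2 and vps1 in the later hunks, but the new modules/contabo/default.nix that absorbs the other removed lines does not set it and nothing visible in `defaults` does either. Unless it is set in a part of `defaults` outside these hunks, NixOS will fall back to the current release's stateVersion on hosts that were installed as 23.11, which silently changes the stateful defaults stateVersion exists to pin and emits the stateVersion warning on every evaluation. Either keep `system.stateVersion = "23.11";` in each node or move it into `defaults` next to the other shared settings. The dns2 block's closing lines are outside SOURCE.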
@@ -116,24 +105,15 @@
 vps1 = { name, nodes, modulesPath, ... }: {
 imports = [
 (modulesPath + "/profiles/qemu-guest.nix")
+ ./modules/contabo
 ./modules/ingress
 ./modules/widetom
 ];
 age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age;
- # The name and nodes parameters are supported in Colmena,
- # allowing you to reference configurations in other nodes.
 networking.hostName = name;
-
- deployment.targetHost = "vps1.nilstrieb.dev";
 deployment.tags = [ "ingress" "eu" "apps" ];
- system.stateVersion = "23.11";
-
- boot.loader.grub.device = "/dev/sda";
- boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
- boot.initrd.kernelModules = [ "nvme" ];
- fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
 };
 }
diff --git a/newinfra/nix/modules/contabo/default.nix b/newinfra/nix/modules/contabo/default.nix
new file mode 100644
index 0000000..5b2d8c5
--- /dev/null
+++ b/newinfra/nix/modules/contabo/default.nix
@@ -0,0 +1,7 @@
+# Default settings for Contabo VPS.
+{ ... }: {
+ boot.loader.grub.device = "/dev/sda";
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+ boot.initrd.kernelModules = [ "nvme" ];
+ fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
+}
diff --git a/newinfra/nix/modules/dns/noratrieb.dev.nix b/newinfra/nix/modules/dns/noratrieb.dev.nix
index 40d4b06..4d83315 100644
--- a/newinfra/nix/modules/dns/noratrieb.dev.nix
+++ b/newinfra/nix/modules/dns/noratrieb.dev.nix
@@ -33,6 +33,7 @@ let
 localhost.A = [ (a "127.0.0.1") ];
 newtest.TXT = [ "uwu it works" ];
+ # TODO: generate dynamically from IPs...
 infra.subdomains = {
 inherit dns1;
 inherit dns2;
diff --git a/newinfra/nix/modules/ingress/default.nix b/newinfra/nix/modules/ingress/default.nix
index b964688..17d9f3d 100644
--- a/newinfra/nix/modules/ingress/default.nix
+++ b/newinfra/nix/modules/ingress/default.nix
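Review bot: The new contabo module sets `boot.loader.grub.device` and `fileSystems."/".device` with plain assignments, so a Contabo host whose disk is not `/dev/sda`/`/dev/sda3` cannot override them from its node block without a conflicting-definition error; the header comment calls these "Default settings" but nothing is marked as a default. Taking `lib` and writing `boot.loader.grub.device = lib.mkDefault "/dev/sda";` (and likewise for the other three lines) keeps per-node overrides possible. The header could also state the assumption it encodes, `# Default settings for Contabo VPS: stock layout with GRUB on /dev/sda and root on /dev/sda3.`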
@@ -1,4 +1,4 @@
-{ pkgs, ... }: {
+{ pkgs, config, ... }: {
 networking.firewall.allowedTCPPorts = [
 22
 443
@@ -10,7 +10,7 @@
 (
 builtins.readFile ./Caddyfile
 + ''
- vps1.nilstrieb.dev {
+ ${config.networking.hostName}.infra.noratrieb.dev {
 root * ${./debugging-page}
 file_server
 }
diff --git a/newinfra/nix/smoke-tests.sh b/newinfra/nix/smoke-tests.sh
new file mode 100755
index 0000000..63badfa
--- /dev/null
+++ b/newinfra/nix/smoke-tests.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+# This script does a few basic smoke tests to ensure the servers haven't completely died.
+
+set -eux
+
+# Check DNS name servers
+dig @ns1.noratrieb.dev dns1.infra.noratrieb.dev +noall +answer | grep 154.38.163.74
+dig @ns2.noratrieb.dev dns1.infra.noratrieb.dev +noall +answer | grep 154.38.163.74
+
+dig @ns1.noratrieb.dev nilstrieb.dev +noall +answer | grep 185.199.108.153
+dig @ns2.noratrieb.dev nilstrieb.dev +noall +answer | grep 185.199.108.153
+
+# Check HTTP responses
+curl --fail https://vps1.infra.noratrieb.dev
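Review bot: The Caddy site name is now derived from `config.networking.hostName`, so Caddy will request a certificate for `<hostName>.infra.noratrieb.dev`, and that name has to resolve publicly to this host before the deploy or issuance fails; the old `vps1.nilstrieb.dev` literal is gone, so requests still arriving under that name fall through to whatever `./Caddyfile` (not visible here) does with unmatched hosts. A comment above the block, `# Served under the node's infra name; its A record lives in modules/dns and must exist before the first deploy.`, would record the dependency. The enclosing string expression starts and ends outside the hunk.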
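Review bot: The `grep 154.38.163.74` on the dig lines treats each dot as a wildcard and matches any substring, so an answer containing `154.38.163.741` or any other record whose text happens to contain those digits still passes; `grep -Fw 154.38.163.74` makes it a fixed, whole-word match, and the same applies to the two `185.199.108.153` lines. Neither `dig` nor `curl` has a timeout, so a half-dead server makes the smoke test hang rather than fail, defeating `set -e`; `dig +time=5 +tries=1` and `curl --fail --silent --show-error --max-time 10` keep the failure prompt. Because `set -x` already echoes each command, the `curl` line could add `--output /dev/null` so the debugging-page body does not fill the log.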