diff --git a/machines/valkyrie/blocky/default.nix b/machines/valkyrie/blocky/default.nix
index 340088e..70defb2 100644
--- a/machines/valkyrie/blocky/default.nix
+++ b/machines/valkyrie/blocky/default.nix
@@ -9,7 +9,7 @@
         };
         upstreams = {
           groups = {
-            default = [ "127.0.0.1:5335" ];
+            default = [ "127.0.0.1:5455" ];
             "100.64.0.0/10" = [ "127.0.0.1:5454" ];
             "fd7a:115c:a1e0::/96" = [ "127.0.0.1:5454" ];
             "fd7a:115c:a1e0:ab12::/64" = [ "127.0.0.1:5454" ];
@@ -35,17 +35,6 @@
 
         customDNS = {
           mapping = {
-            "home.datarift.nl" = "10.0.0.251";
-            "frigate.datarift.nl" = "10.0.0.251";
-            "git.datarift.nl" = "10.0.0.203";
-            "loki.datarift.nl" = "10.0.0.4";
-            "minio.datarift.nl" = "10.0.0.251";
-            "minio-admin.datarift.nl" = "10.0.0.251";
-            "mqtt.datarift.nl" = "10.0.0.254";
-            "nix-cache.datarift.nl" = "10.0.0.209";
-            "saga.datarift.nl" = "10.0.0.251";
-            "vidz.datarift.nl" = "10.0.0.211";
-
             # Horus
             "vaultserver.horus.nu" = "192.168.4.32";
           };
diff --git a/machines/valkyrie/coredns/datarift.zone b/machines/valkyrie/coredns/datarift.zone
new file mode 100644
index 0000000..efda775
--- /dev/null
+++ b/machines/valkyrie/coredns/datarift.zone
@@ -0,0 +1,14 @@
+$ORIGIN datarift.nl.
+$TTL 3600
+@           IN SOA gabe.ns.cloudflare.com. dns.cloudflare.com. 3 3600 900 86400 1800
+
+home        IN A 10.0.0.251
+frigate     IN A 10.0.0.251
+git         IN A 10.0.0.203
+loki        IN A 10.0.0.4
+minio       IN A 10.0.0.251
+minio-admin IN A 10.0.0.251
+mqtt        IN A 10.0.0.254
+nix-cache   IN A 10.0.0.209
+saga        IN A 10.0.0.251
+vidz        IN A 10.0.0.211
diff --git a/machines/valkyrie/coredns/default.nix b/machines/valkyrie/coredns/default.nix
index c525854..de64702 100644
--- a/machines/valkyrie/coredns/default.nix
+++ b/machines/valkyrie/coredns/default.nix
@@ -4,21 +4,28 @@
     enable = true;
 
     config = ''
-      datarift.nl:5454 {
-        bind 127.0.0.1 ::1
+      .:5454 {
+        bind lo
+        reload 5s
         tailscale datarift.nl {
           authkey {$TS_AUTHKEY}
           fallthrough
         }
         forward . 127.0.0.1:5335
         log
+        debug
         errors
       }
 
-      .:5454 {
-        bind 127.0.0.1 ::1
+      .:5455 {
+        bind lo
+        reload 5s
+        file ${./datarift.zone} datarift.nl {
+          reload 10s
+        }
         forward . 127.0.0.1:5335
         log
+        debug
         errors
       }
     '';