diff --git a/hosts/bekkalokk/services/nginx.nix b/hosts/bekkalokk/services/nginx.nix
deleted file mode 100644
index 183f49e6..00000000
--- a/hosts/bekkalokk/services/nginx.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ pkgs, config, ... }:
-{
- security.acme = {
- acceptTerms = true;
- defaults.email = "drift@pvv.ntnu.no";
- };
-
- services.nginx = {
- enable = true;
-
- recommendedTlsSettings = true;
- recommendedProxySettings = true;
- recommendedOptimisation = true;
- recommendedGzipSettings = true;
- };
-
- networking.firewall.allowedTCPPorts = [ 80 443 ];
-}
diff --git a/hosts/bekkalokk/services/nginx/ingress.nix b/hosts/bekkalokk/services/nginx/ingress.nix
index 9e02bcfe..7aeb0f37 100644
--- a/hosts/bekkalokk/services/nginx/ingress.nix
+++ b/hosts/bekkalokk/services/nginx/ingress.nix
@@ -2,139 +2,47 @@ { services.nginx.virtualHosts = { "www2.pvv.ntnu.no" = { + addSSL = true; + enableACME = true; + + # TODO after updating the corresponding DNS record: + # serverAliases = [ "www2.pvv.org" "pvv.ntnu.no" "pvv.org" ] serverAliases = [ "www2.pvv.org" ]; + locations = { - # "^/$".return = "301 http://www.pvv.ntnu.no/pvv/"; - "^/$".return = "301 http://www.pvv.ntnu.no/"; + # Redirect the main website + "= /".return = "301 https://www.pvv.ntnu.no/"; - "^/disk/".return = "301 http://www.pvv.ntnu.no/pvv/Diskkjøp"; - "^/dok/boker.php".return = "301 http://www.pvv.ntnu.no/pvv/Bokhyllen"; - "^/styret/$".return = "301 http://www.pvv.ntnu.no/pvv/Styret"; - "^/styret/lover/".return = "301 http://www.pvv.ntnu.no/pvv/Lover"; - "^/info/$".return = "301 http://www.pvv.ntnu.no/pvv/"; - "^/info/maskinpark/$".return = "301 http://www.pvv.ntnu.no/pvv/Maskiner"; - "^/medlemssider/meldinn.php".return = "301 http://www.pvv.ntnu.no/pvv/Medlemskontingent"; - "^/diverse/medlems-sider.php".return = "301 http://www.pvv.ntnu.no/pvv/Medlemssider"; - "^/cert/$".return = "301 http://www.pvv.ntnu.no/pvv/CERT"; - "^/drift".return = "301 http://www.pvv.ntnu.no/pvv/Drift"; - "^/diverse/abuse.php".return = "301 http://www.pvv.ntnu.no/pvv/CERT/Abuse"; - "^/nerds/".return = "301 http://www.pvv.ntnu.no/pvv/Nerdepizza"; + # Proxy home directories + "/~" = { + extraConfig = '' + proxy_redirect off; + proxy_pass https://tom.pvv.ntnu.no; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + ''; + }; + # Redirect old wiki entries + "/disk".return = "301 https://www.pvv.ntnu.no/pvv/Diskkjøp"; + "/dok/boker.php".return = "301 https://www.pvv.ntnu.no/pvv/Bokhyllen"; + "/styret/lover/".return = "301 https://www.pvv.ntnu.no/pvv/Lover"; + "/styret/".return = "301 https://www.pvv.ntnu.no/pvv/Styret"; + "/info/".return = "301 https://www.pvv.ntnu.no/pvv/"; + 
"/info/maskinpark/".return = "301 https://www.pvv.ntnu.no/pvv/Maskiner"; + "/medlemssider/meldinn.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemskontingent"; + "/diverse/medlems-sider.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemssider"; + "/cert/".return = "301 https://www.pvv.ntnu.no/pvv/CERT"; + "/drift".return = "301 https://www.pvv.ntnu.no/pvv/Drift"; + "/diverse/abuse.php".return = "301 https://www.pvv.ntnu.no/pvv/CERT/Abuse"; + "/nerds/".return = "301 https://www.pvv.ntnu.no/pvv/Nerdepizza"; + + # TODO: Redirect web main "/webmail".return = "301 https://webmail.pvv.ntnu.no/squirrelmail"; - }; - extraConfig = '' - rewrite ^/(~.*) http://tom.pvv.ntnu.no/$1 permanent; - ''; }; }; } - - -## Om denne er "none" gjør det at apache ikke gidder å åpne .htaccess-filer. Det -## er veldig greit om man ikke vil at den skal automounte /home/pvv/.htaccess, -## for å ta et tilfeldig eksempel ;-) -# -# AllowOverride none -# - -# -# Options Indexes FollowSymLinks -# AllowOverride All -# Order allow,deny -# Allow from all -# AddDefaultCharset iso-8859-1 -# - -# -# Options FollowSymLinks -# AllowOverride None -# - -# -# Options FollowSymLinks SymLinksIfOwnerMatch -# AllowOverride None -# Order allow,deny -# Allow from all -# - -#Alias /pvv "/var/www/wiki.pvv.ntnu.no/w/index.php" -#Alias /w /var/www/wiki.pvv.ntnu.no/w -#Alias /moin-static/ "/usr/share/moin/htdocs/" -#ScriptAlias /gammel "/usr/share/moin/server/moin.cgi" - -## :80 defineres av debians default ports.conf, men ikke :443 -##NameVirtualHost *:80 -#NameVirtualHost *:443 - -# -# ServerName www.pvv.ntnu.no -# ServerAlias www.pvv.org -# ServerAdmin drift@pvv.ntnu.no -# DocumentRoot /var/www/pvv - -# RedirectPermanent /webmail https://webmail.pvv.ntnu.no/squirrelmail - -# RewriteEngine on -# RewriteRule ^/(~.*) http://tom.pvv.ntnu.no/$1 [P] -# ProxyPreserveHost on - -# - -# -# ServerName www.pvv.ntnu.no -# ServerAlias www.pvv.org -# ServerAdmin drift@pvv.ntnu.no -# DocumentRoot /var/www/pvv - -# SSLEngine 
on -# SSLProxyEngine on -# SSLCertificateFile /etc/apache2/certs/www.pvv.ntnu.no.new.crt -# SSLCertificateKeyFile /etc/apache2/certs/www.pvv.ntnu.no.new.key -# SSLCertificateChainFile /etc/apache2/certs/www.pvv.ntnu.no_chain.new.crt -## SSLCertificateChainFile /etc/apache2/certs/DigiCertCA.crt -# SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown -## SSLProxyVerify none -## SSLProxyCheckPeerCN off -## SSLProxyCheckPeerName off -# SSLProxyCheckPeerExpire off - -# RedirectPermanent /webmail https://webmail.pvv.ntnu.no/squirrelmail - - -# RewriteEngine on -# RewriteRule ^/(~.*) https://tom.pvv.ntnu.no/$1 [P] -# ProxyPreserveHost on - -# - -## Redirects for gamle wiki.pvv.ntnu.no -# -# ServerAdmin drift@pvv.org -# ServerName wiki.pvv.ntnu.no -# ServerAlias wiki.pvv.org -# DocumentRoot /var/www/pvv - -# RedirectPermanent / http://www.pvv.ntnu.no/ - -# LogLevel warn -# CustomLog /var/log/apache2/wiki.log combined -# ErrorLog /var/log/apache2/error.log -# - -# -# ServerAdmin drift@pvv.org -# ServerName wiki.pvv.ntnu.no -# ServerAlias wiki.pvv.org -# DocumentRoot /var/www/pvv - -# RedirectPermanent / https://www.pvv.ntnu.no/ - -# SSLEngine on -# SSLProxyEngine on -# SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP -# SSLCertificateFile /etc/apache2/certs/www.pvv.ntnu.no.crt -# SSLCertificateKeyFile /etc/apache2/certs/www.pvv.ntnu.no.key -# SSLCertificateChainFile /etc/apache2/certs/www.pvv.ntnu.no_chain.crt -#
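Review bot: The new `"/~"` location proxies to `https://tom.pvv.ntnu.no` without verifying the upstream certificate, because nginx leaves `proxy_ssl_verify` off by default, so the hop to tom is encrypted but not authenticated; adding `proxy_ssl_verify on;`, `proxy_ssl_trusted_certificate <CA_BUNDLE_PATH>;` and `proxy_ssl_server_name on;` to that `extraConfig` would close the gap. `addSSL = true` also keeps the vhost answering on plain HTTP, so home-directory requests are still proxied for cleartext clients; `forceSSL = true;` would redirect them to HTTPS first, provided nothing depends on port 80 serving content. Separately, the `};` that closed `locations` is removed together with the old `extraConfig` and no added line replaces it, so as rendered here the new side opens one more attribute set than it closes; confirm the file still evaluates.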