diff --git a/ansible/inventories/group_vars/all/main.yml b/ansible/inventories/group_vars/all/main.yml
index b5edce4..4e6ef9f 100644
--- a/ansible/inventories/group_vars/all/main.yml
+++ b/ansible/inventories/group_vars/all/main.yml
@@ -87,7 +87,7 @@ auto_configure_traefik:
     auth_required: true
 
   vaultwarden:
-    subdomain: "vaultwarden"
+    subdomain: "pwds"
     host: "10.0.2.27"
     port: 8004
     auth_required: false
@@ -165,6 +165,7 @@ auto_configure_traefik:
     subdomain: "pbs"
     host: "10.0.2.104"
     port: 8007
+    https: true
     auth_required: true
   # pinchflat:
   #   subdomain: "youtube"
@@ -175,6 +176,7 @@ auto_configure_traefik:
     subdomain: "proxmox"
     host: "10.0.2.2"
     port: 8006
+    https: true
     auth_required: true
   resume:
     subdomain: "resume"
diff --git a/ansible/roles/traefik/templates/remote-services.yml.j2 b/ansible/roles/traefik/templates/remote-services.yml.j2
index 683fdf1..fb0c498 100644
--- a/ansible/roles/traefik/templates/remote-services.yml.j2
+++ b/ansible/roles/traefik/templates/remote-services.yml.j2
@@ -19,6 +19,10 @@ http:
         scheme: https
         permanent: true
 
+  serversTransports:
+    ignore-tls:
+      insecureSkipVerify: true
+
   routers:
     # Static services - HTTPS
     traefik-secure:
@@ -179,6 +183,9 @@ http:
     {{ service_name }}:
       loadBalancer:
         passHostHeader: true
+{% if config.https | default(false) %}
+        serversTransport: ignore-tls@file
+{% endif %}
         servers:
-          - url: "http://{{ config.host }}:{{ config.port }}"
+          - url: "{{ 'https' if config.https | default(false) else 'http' }}://{{ config.host }}:{{ config.port }}"
 {% endfor %}