diff --git a/hosts/lkk-nix-1/default.nix b/hosts/lkk-nix-1/default.nix
index 604c716..07a2255 100644
--- a/hosts/lkk-nix-1/default.nix
+++ b/hosts/lkk-nix-1/default.nix
@@ -32,6 +32,11 @@
       mj-smtp-pass.file = ../../secrets/mj-smtp-pass.age;
       tailscale-key.file = ../../secrets/tailscale-key.age;
 
+      vaultwarden-env = {
+        file = ../../secrets/vaultwarden-env.age;
+        mode = "770";
+      };
+
       n8n-env = {
         file = ../../secrets/n8n-env.age;
         mode = "770";
diff --git a/hosts/lkk-nix-1/services/default.nix b/hosts/lkk-nix-1/services/default.nix
index d83e5c9..a65b070 100644
--- a/hosts/lkk-nix-1/services/default.nix
+++ b/hosts/lkk-nix-1/services/default.nix
@@ -12,5 +12,6 @@
     ./syncthing.nix
     ./tailscale.nix
     ./traefik.nix
+    ./vaultwarden.nix
   ];
 }
diff --git a/hosts/lkk-nix-1/services/traefik.nix b/hosts/lkk-nix-1/services/traefik.nix
index 3308776..36e2fba 100644
--- a/hosts/lkk-nix-1/services/traefik.nix
+++ b/hosts/lkk-nix-1/services/traefik.nix
@@ -85,6 +85,8 @@
           minio-console.loadBalancer.servers =
             [{ url = "http://localhost:9001/"; }];
           metabase.loadBalancer.servers = [{ url = "http://localhost:3013/"; }];
+          vaultwarden.loadBalancer.servers =
+            [{ url = "http://localhost:3014/"; }];
         };
         routers = {
           api = {
@@ -273,6 +275,15 @@
             service = "metabase";
             entrypoints = "websecure";
           };
+          vaultwarden = {
+            rule = "Host(`vw.lanakk.com`)";
+            tls = {
+              certResolver = "godaddy";
+              domains = "vw.lanakk.com";
+            };
+            service = "metabase";
+            entrypoints = "websecure";
+          };
         };
       };
     };
diff --git a/secrets.nix b/secrets.nix
index cf52cb4..ca7b4e9 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -1,5 +1,6 @@
 let
-  system = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU=";
+  system =
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU=";
 in {
   "mj-smtp-user.age".publicKeys = [ system ];
   "mj-smtp-pass.age".publicKeys = [ system ];
@@ -13,7 +14,7 @@ in {
 
   "tailscale-key.age".publicKeys = [ system ];
   "wg-key.age".publicKeys = [ system ];
-  
+
   "briefkasten-env.age".publicKeys = [ system ];
 
   "littlelink-lanakk-env.age".publicKeys = [ system ];
@@ -22,4 +23,6 @@ in {
   "traefik-env.age".publicKeys = [ system ];
 
   "minio-system-cred.age".publicKeys = [ system ];
+
+  "vaultwarden-env.age".publicKeys = [ system ];
 }