diff --git a/hosts/ami/404.nix b/hosts/ami/404.nix
new file mode 100644
index 0000000..5a3ca3f
--- /dev/null
+++ b/hosts/ami/404.nix
@@ -0,0 +1,17 @@
+{website, ...}: {
+  services.nginx = {
+    enable = true;
+
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+
+    virtualHosts."404.buffet.sh" = {
+      default = true;
+      enableACME = true;
+      forceSSL = true;
+      root = "${website}/404.html";
+    };
+  };
+}
diff --git a/hosts/ami/acme.nix b/hosts/ami/acme.nix
index c500f0f..734ef9e 100644
--- a/hosts/ami/acme.nix
+++ b/hosts/ami/acme.nix
@@ -3,9 +3,6 @@ _: {
     acceptTerms = true;
     defaults.email = "acme@buffet.sh";
     certs."buffet.sh" = {
-      extraDomainNames = [
-        "bitwarden.buffet.sh"
-      ];
     };
   };
 }
diff --git a/hosts/ami/default.nix b/hosts/ami/default.nix
index 87ccfef..ae9f9a0 100644
--- a/hosts/ami/default.nix
+++ b/hosts/ami/default.nix
@@ -9,6 +9,7 @@
     agenix.nixosModules.default
     disko.nixosModules.disko
 
+    ./404.nix
     ./acme.nix
     ./bitwarden.nix
     ./borg.nix
@@ -19,7 +20,7 @@
     ../../users/maintainer
   ];
 
-  age.identityPaths = [ "/root/.ssh/id_agenix" ];
+  age.identityPaths = ["/root/.ssh/id_agenix"];
 
   users = {
     mutableUsers = false;
diff --git a/hosts/ami/forgejo.nix b/hosts/ami/forgejo.nix
index 5531ce5..d3a7932 100644
--- a/hosts/ami/forgejo.nix
+++ b/hosts/ami/forgejo.nix
@@ -1,4 +1,4 @@
-{ pkgs, ...}: let
+{pkgs, ...}: let
   port = 3000;
 in {
   services = {
diff --git a/hosts/ami/system.nix b/hosts/ami/system.nix
index b95f8a3..7dedf5a 100644
--- a/hosts/ami/system.nix
+++ b/hosts/ami/system.nix
@@ -8,10 +8,10 @@
   time.timeZone = "UTC";
   i18n.defaultLocale = "en_US.UTF-8";
 
-      boot.loader.grub = {
-        efiSupport = true;
-        efiInstallAsRemovable = true;
-      };
+  boot.loader.grub = {
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+  };
 
   security.sudo.wheelNeedsPassword = false;
   services.openssh.enable = true;
diff --git a/hosts/ami/website.nix b/hosts/ami/website.nix
index 510158d..ebc18a7 100644
--- a/hosts/ami/website.nix
+++ b/hosts/ami/website.nix
@@ -14,11 +14,5 @@
       forceSSL = true;
       root = "${website}";
     };
-
-    virtualHosts."unix.pics" = {
-      enableACME = true;
-      forceSSL = true;
-      root = "/var/lib/stuff/unix.pics";
-    };
   };
 }