diff --git a/hosts/vno1-oh2/configuration.nix b/hosts/vno1-oh2/configuration.nix
index e9ce9a7..4695de7 100644
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@@ -246,11 +246,17 @@
           metrics
         }
       '';
-      virtualHosts."grafana.jakstys.lt".extraConfig = ''
+      virtualHosts."grafana.jakstys.lt:443".extraConfig = ''
+        @denied not remote_ip ${myData.subnets.tailscale.cidr}
+        abort @denied
+
+        redir http://grafana.jakstys.lt{uri}
+        tls {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-cert.pem {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-key.pem
+      '';
+      virtualHosts."grafana.jakstys.lt:80".extraConfig = ''
         @denied not remote_ip ${myData.subnets.tailscale.cidr}
         abort @denied
         reverse_proxy 127.0.0.1:3000
-        tls {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-cert.pem {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-key.pem
       '';
       virtualHosts."bitwarden.jakstys.lt".extraConfig = ''
         @denied not remote_ip ${myData.subnets.tailscale.cidr}