diff --git a/hosts/daedalus/default.nix b/hosts/daedalus/default.nix index 62d9d3f8..df071619 100644 --- a/hosts/daedalus/default.nix +++ b/hosts/daedalus/default.nix @@ -52,15 +52,15 @@ with lib.my; tmMountPath = "/tmp/timeMachineSnapshotForBorg"; in { - enable = true; + enable = false; configurations."daedalus-ds9" = { source_directories = [ tmMountPath ]; exclude_if_present = [ ".nobackup" ]; repositories = [ - "ssh://ragon@ds9/backups/daedalus/borgmatic" - "ssh://root@gatebridge/media/backup/daedalus" + { path = "ssh://ragon@ds9/backups/daedalus/borgmatic"; label = "ds9"; } + { path = "ssh://root@gatebridge/media/backup/daedalus"; label = "gatebridge"; } ]; - encryption_passcommand = ''security find-generic-password -a daedalus -s borgmaticKey -g 2>&1 | grep -E 'password' | sed 's/^.*"\(.*\)"$/\1/g' ''; + encryption_passcommand = pkgs.writeShellScript "getBorgmaticPw" ''security find-generic-password -a daedalus -s borgmaticKey -g 2>&1 | grep -E 'password' | sed 's/^.*"\(.*\)"$/\1/g' ''; compression = "auto,zstd,10"; #ssh_command = "ssh -o GlobalKnownHostsFile=${config.age.secrets.gatebridgeHostKeys.path} -i ${config.age.secrets.picardResticSSHKey.path}"; keep_hourly = 24; @@ -73,9 +73,9 @@ with lib.my; "apfsSnapshot" '' tmutil localsnapshot - SNAPSHOT=$(tmutil listlocalsnapshots / | tail -n 1) + SNAPSHOT=$(tmutil listlocalsnapshots / | grep TimeMachine | tail -n 1) mkdir -p "${tmMountPath}" - mount -t apfs -r -o -s=$SNAPSHOT / "${tmMountPath}" + mount_apfs -s $SNAPSHOT /System/Volumes/Data "${tmMountPath}" '') ]; after_backup = [ 
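Review bot: The new `getBorgmaticPw` script still scrapes the passphrase out of the `security ... -g 2>&1` diagnostic output with `grep` and `sed`, which is fragile. Any other output line containing the word "password" is passed through as well, and a passphrase containing a double quote (or one that `security` presumably prints in hex form) comes out truncated or mangled, so borgmatic would be handed the wrong key. `security find-generic-password` has a `-w` option that prints only the password, so the script body can be `security find-generic-password -a daedalus -s borgmaticKey -w`. Since `pkgs.writeShellScript` puts the script in the world-readable Nix store, a short comment that it must only ever contain the lookup command, never the passphrase, would be worth adding.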
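Review bot: In the `apfsSnapshot` hook nothing checks that `tmutil localsnapshot` succeeded or that `SNAPSHOT` is non-empty, so after a failed snapshot `grep TimeMachine | tail -n 1` would pick an older snapshot and the backup would silently capture stale data. Starting the script with `set -euo pipefail` and quoting the expansion, `mount_apfs -s "$SNAPSHOT" /System/Volumes/Data "${tmMountPath}"`, makes the hook fail before borgmatic reads anything. The old command mounted with `-r`; unless `mount_apfs -s` is read-only by itself, the read-only option should be kept. The mount point is a fixed name under `/tmp` (defined above the hunk), so it is worth confirming that the directory is owned by the backup user before mounting onto it. The `writeShellScript` call starts outside the hunk.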
@@ -83,8 +83,16 @@ with lib.my; "apfsSnapshotUnmount" '' diskutil unmount "${tmMountPath}" - SNAPSHOT=$(tmutil listlocalsnapshots / | tail -n 1) - tmutil deletelocalsnapshots $(echo $SNAPSHOT | sed 's/com\.apple\.TimeMachine\.//g') + SNAPSHOT=$(tmutil listlocalsnapshots / | grep TimeMachine | tail -n 1) + tmutil deletelocalsnapshots $(echo $SNAPSHOT | sed 's/com\.apple\.TimeMachine\.\(.*\)\.local/\1/g') + '') + ]; + on_error = [ + + (pkgs.writeShellScript + "apfsSnapshotUnmountError" + '' + diskutil unmount "${tmMountPath}" '') ]; }; diff --git a/hosts/picard/default.nix b/hosts/picard/default.nix index 380bde4d..bb71d291 100644 --- a/hosts/picard/default.nix +++ b/hosts/picard/default.nix @@ -75,6 +75,12 @@ locations."/".return = "307 https://xyno.space$request_uri"; } // (lib.my.findOutTlsConfig "xyno.systems" config); + services.nginx.virtualHosts."czi.dating" = { + locations."/".return = "307 https://foss-ag.de$request_uri"; + forceSSL = true; + enableACME = true; + }; + security.acme.certs."xyno.space" = { dnsProvider = "ionos"; dnsResolver = "1.1.1.1:53"; @@ -187,7 +193,7 @@ ts3.enable = true; nginx.enable = true; nginx.domain = "ragon.xyz"; - nginx.domains = [ "xyno.space" "xyno.systems" ]; + nginx.domains = [ "xyno.space" "xyno.systems" "czi.dating" ]; }; }; diff --git a/hosts/picard/xynospace-matrix.nix b/hosts/picard/xynospace-matrix.nix index f75b7aaf..8f1cc3be 100644 --- a/hosts/picard/xynospace-matrix.nix +++ b/hosts/picard/xynospace-matrix.nix 
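Review bot: The new `on_error` hook only unmounts, so every failed run leaves behind the local snapshot that `before_backup` created. The `SNAPSHOT=...` and `tmutil deletelocalsnapshots ...` lines from `apfsSnapshotUnmount` should follow the unmount there, and the unmount itself is better written as `diskutil unmount "${tmMountPath}" || true`, since the error may have happened before anything was mounted. Both cleanup paths re-derive the name with `tmutil listlocalsnapshots / | grep TimeMachine | tail -n 1`, which returns whatever snapshot is newest at that moment. If Time Machine takes its own snapshot during the backup, that one is deleted instead of the one that was mounted, so recording the name in `before_backup` and reusing it would be safer. The `$(echo $SNAPSHOT | sed ...)` argument should also be quoted.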
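Review bot: The `czi.dating` vhost sets `forceSSL`/`enableACME` directly, while the vhost just above it merges `lib.my.findOutTlsConfig "xyno.systems" config`, and the later hunk in this file also adds `"czi.dating"` to `nginx.domains`. If that module already provisions a certificate for each listed domain (the neighbouring `security.acme.certs` entry uses a DNS provider, so this seems likely), the domain ends up with two certificate configurations that may conflict or issue duplicates. Either use `// (lib.my.findOutTlsConfig "czi.dating" config)` like the sibling vhost, or add a comment saying why this host needs plain `enableACME`. A comment noting that all paths are forwarded to an external site via `$request_uri` would also help the next reader.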
@@ -28,20 +28,20 @@ in users.users.slidingsync = { isSystemUser = true; group = "slidingsync"; uid = 990; }; users.groups.slidingsync = { gid = 988; }; - virtualisation.oci-containers.containers."matrix-sliding-sync" = { - image = "ghcr.io/matrix-org/sliding-sync:latest"; - ports = [ "127.0.0.1:8009:8008" ]; - user = "${toString config.users.users.slidingsync.uid}:${toString config.users.groups.slidingsync.gid}"; - volumes = [ - "/run/postgresql:/run/postgresql" - ]; - environmentFiles = [ config.age.secrets.picardSlidingSyncSecret.path ]; - environment = { - SYNCV3_SERVER = "https://${fqdn}"; - SYNCV3_BINDADDR = ":8008"; - SYNCV3_DB = "host=/run/postgresql user=slidingsync dbname=slidingsync password=slidingsync"; - }; - }; + # virtualisation.oci-containers.containers."matrix-sliding-sync" = { + # image = "ghcr.io/matrix-org/sliding-sync:latest"; + # ports = [ "127.0.0.1:8009:8008" ]; + # user = "${toString config.users.users.slidingsync.uid}:${toString config.users.groups.slidingsync.gid}"; + # volumes = [ + # "/run/postgresql:/run/postgresql" + # ]; + # environmentFiles = [ config.age.secrets.picardSlidingSyncSecret.path ]; + # environment = { + # SYNCV3_SERVER = "https://${fqdn}"; + # SYNCV3_BINDADDR = ":8008"; + # SYNCV3_DB = "host=/run/postgresql user=slidingsync dbname=slidingsync password=slidingsync"; + # }; + # }; services.postgresql = { ensureDatabases = [ "slidingsync" ]; ensureUsers = [
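Review bot: Commenting the container out leaves its supporting pieces active. The `slidingsync` system user and group at the top of the hunk, and the `slidingsync` database entry under `services.postgresql` (which continues past the hunk), are still created, so an unused account and presumably an unused database role stay on the host. The commented block also keeps `password=slidingsync` and the unpinned `:latest` image tag in the file; if that password was ever set on the role, it remains a guessable credential. Prefer deleting the block (history keeps it) and removing the user, group, database and role in the same change, or add a comment such as `# sliding-sync disabled: <reason>; user/db kept because <reason>`.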