diff --git a/defaults/main/proxy_site_defs.yml b/defaults/main/proxy_site_defs.yml
index 09b78cd..de9e86f 100644
--- a/defaults/main/proxy_site_defs.yml
+++ b/defaults/main/proxy_site_defs.yml
@@ -3,7 +3,7 @@
   proxy_site_conf_dir : /etc/nginx/conf.d
   proxy_site_file     : "{{ proxy_site_conf_dir }}/zen_proxy.conf"
   proxy_site_version  : 1.8
-  proxy_site_revision : 20191113-214118
+  proxy_site_revision : 20200113-141420
 
 
   proxy_site_log_path   : /proxy_logs
@@ -11,8 +11,8 @@
 
 
   proxy_site_ssl_directory       : /etc/nginx/ssl
-  proxy_site_ssl_certificate     : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain5.pem"
-  proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey5.pem"
+  proxy_site_ssl_certificate     : "{{ proxy_site_ssl_directory }}/thezengarden.net/fullchain6.pem"
+  proxy_site_ssl_certificate_key : "{{ proxy_site_ssl_directory }}/thezengarden.net/privkey6.pem"
   proxy_site_ssl_protocols       : TLSv1.2
   proxy_site_ssl_ciphers         : ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256
 
diff --git a/defaults/main/proxy_sites.yml b/defaults/main/proxy_sites.yml
index dc63b4d..fad6a6d 100644
--- a/defaults/main/proxy_sites.yml
+++ b/defaults/main/proxy_sites.yml
@@ -16,7 +16,7 @@ proxy_sites:
 
   gitea.thezengarden.net:
     proto      : http
-    dest       : docker.thezengarden.net
+    dest       : pi.thezengarden.net
     port       : 3000
     max_upload : "{{ proxy_default_max_upload }}"
 
@@ -119,6 +119,12 @@ proxy_sites:
     port  : 443
 
 
+  pw.thezengarden.net:
+    proto : http
+    dest  : docker.thezengarden.net
+    port  : 8001
+
+
   images.thezengarden.net:
     proto      : http
     dest       : "{{ proxy_default_host }}"
@@ -133,13 +139,20 @@ proxy_sites:
     max_upload : "{{ proxy_default_max_upload }}"
 
 
+  wifi.thezengarden.net:
+    proto      : https
+    dest       : unifi.thezengarden.net
+    port       : 8443
+    max_upload : "{{ proxy_default_max_upload }}"
+
+
   lakeshorebulldogs.com:
     aliases    : www.lakeshorebulldogs.com
     proto      : http
     dest       : "{{ proxy_default_host }}"
     port       : 80
-    ssl_cert   : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/fullchain1.pem"
-    ssl_key    : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/privkey1.pem"
+    ssl_cert   : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/fullchain2.pem"
+    ssl_key    : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/privkey2.pem"
     max_upload : "{{ proxy_default_max_upload }}"
 
 
@@ -167,8 +180,8 @@ proxy_sites:
     proto    : http
     dest     : "{{ proxy_default_host }}"
     port     : 80
-    ssl_cert : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain4.pem"
-    ssl_key  : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey4.pem"
+    ssl_cert : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain5.pem"
+    ssl_key  : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey5.pem"
 
 
   christian-hammer.com:
@@ -176,13 +189,13 @@ proxy_sites:
     proto    : http
     dest     : "{{ proxy_default_host }}"
     port     : 80
-    ssl_cert : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain4.pem"
-    ssl_key  : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey4.pem"
+    ssl_cert : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain5.pem"
+    ssl_key  : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey5.pem"
 
 
   chris-hammer.com:
     proto    : http
     dest     : "{{ proxy_default_host }}"
     port     : 80
-    ssl_cert : "{{ proxy_site_ssl_directory }}/christian-hammer.com/fullchain4.pem"
-    ssl_key  : "{{ proxy_site_ssl_directory }}/christian-hammer.com/privkey4.pem"
+    ssl_cert : "{{ proxy_site_ssl_directory }}/chris-hammer.com/fullchain5.pem"
+    ssl_key  : "{{ proxy_site_ssl_directory }}/chris-hammer.com/privkey5.pem"
diff --git a/tasks/main.yml b/tasks/main.yml
index c6ee76d..7032304 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -45,6 +45,8 @@
   tags: always
 
 
+  ## TODO: fix the perms on ssl certs!!@*&!@^&*
+
 - name: clone ssl certs
   git:
     repo: "{{ ssl_repo }}"
@@ -70,4 +72,4 @@
     name  : nginx
     state : started
   tags: always
-  when: ansible_virtualization_type != "docker"
\ No newline at end of file
+  when: ansible_virtualization_type != "docker"
diff --git a/templates/proxy_site.j2 b/templates/proxy_site.j2
index 171b955..bc89746 100644
--- a/templates/proxy_site.j2
+++ b/templates/proxy_site.j2
@@ -35,10 +35,8 @@ client_max_body_size {{ proxy_sites[item.key]['max_upload'] }};
     proxy_set_header X-Forwarded-Proto https;
     proxy_set_header Host $host;
 
-    {% if item.key == "tower.thezengarden.net" or item.key == "tower2.thezengarden.net" %}
-proxy_set_header   Upgrade            $http_upgrade;
+    proxy_set_header   Upgrade            $http_upgrade;
     proxy_set_header   Connection         "upgrade";
-    {% endif %}
 
     proxy_pass {{ proxy_sites[item.key]['proto'] }}://{{ proxy_sites[item.key]['dest'] }}:{{ proxy_sites[item.key]['port'] }};