diff --git a/inventories/z9/group_vars/all.yaml b/inventories/z9/group_vars/all.yaml
index 20a4e7f..5cc3233 100644
--- a/inventories/z9/group_vars/all.yaml
+++ b/inventories/z9/group_vars/all.yaml
@@ -40,7 +40,7 @@ alloy_config_default: |
       source_labels = ["instance"]
       target_label = "instance"
       regex  = "([^:]+)"
-      replacement = "${1}.z9.ccchh.net"
+      replacement = "${1}.ccchh.net"
       action = "replace"
     }
   }
diff --git a/inventories/z9/host_vars/light.sops.yaml b/inventories/z9/host_vars/light.sops.yaml
index afb4c68..76e103c 100644
--- a/inventories/z9/host_vars/light.sops.yaml
+++ b/inventories/z9/host_vars/light.sops.yaml
@@ -1,11 +1,9 @@
 ansible_pull__age_private_key: ENC[AES256_GCM,data:VEGxr8C7RlEhyQhf+to/OrbfPPKkyL7iUU1yDXGAzmmPCQ4VftK71eiyN7OS6pG8J89Mj4Sy/dcY4SUX+rTl/q1csZMn9t4NBN8=,iv:JcrdyFLX5srZfRj9SA+RXf+CRZi5GEcApgyYsHoHTGE=,tag:xdJ4GmK3afZDkXmkrriStg==,type:str]
 secret__acme_dns_api_key_light_ccchh_net: ENC[AES256_GCM,data:SLUNVJQ4Nkos+tYH0l9ndJI8mrfZFC9i/qQqkcHgfLaNjL1tFuAFfQ==,iv:cc7DsiqzMlc2lh3D63cElMQcOeYT7oNxmRy7irSr9/s=,tag:dBnTAJXvgWlmq5vVGxrykw==,type:str]
-secret__acme_dns_api_key_light_z9_ccchh_net: ENC[AES256_GCM,data:m6+Sk533qTRfhrwv7U2RydJh/j7KjJKHiEetyzgvJV1dgWXmE5AhYA==,iv:lAGv4vfxA+DQfwaHiDp3NMel0tjmZl96nKUAN8QGFe4=,tag:h0wM/F9E4dIy+NYLIVUpxg==,type:str]
 secret__acme_dns_api_key_light_werkstatt_ccchh_net: ENC[AES256_GCM,data:zJ9hQo1jmQ5+d0oU+CD+cQh89HshPpguZCak7Nfjdb2bygUXJrEIIw==,iv:y+FSB/k5LixKJOm9egWsjhByQAdv7TfJHvv3job2oYg=,tag:CmuUqnCI3V/aOOUitzYT9Q==,type:str]
 sops:
   age:
-    - recipient: age1llkxtfx4dgnezmukj4ganx4ql9k4ga4ca9zuanf5r568jfp8peeqal490q
-      enc: |
+    - enc: |
         -----BEGIN AGE ENCRYPTED FILE-----
         YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSNzBtc3lkZHlqeTFIa2RX
         ZWgyV0lZQ0wxRm4vZ0Q3Y1d4RTlhYzk0ZUdzCkQ5VjdlSldCc0ZqZlBIOTMrclV6
@@ -13,8 +11,9 @@ sops:
         azNiRDFuU2V4V25iV3dORW42UGZPRmsKOsa+36+NKjmS8xMAoCueJdhIIUtdhl15
         3grlxNwv4axlKNy1ynSSmneyAZ6g+OF80b4YNxzZYcfnECB1VnDENA==
         -----END AGE ENCRYPTED FILE-----
-  lastmodified: "2026-04-11T01:24:10Z"
-  mac: ENC[AES256_GCM,data:D7qAgDZX8B0oNdZovHE74sSZI5X3qd8oDPHWl13Q2ohLnp9vJsFxrKntXxeeHASzQceDv2RQ1exwq7ZPor62sLFx+xO1Dc0Awpq1eoclDlHPyKlvT3pgkcB8IxDO/FuO+7hg/bJkmTHhbHTiHLGQDWN2sQev309Eka86lQyCzIQ=,iv:OBCobeUp+GwdDQhrNtTJhiRVMxRJafq5g1rhMoEFhjc=,tag:OSAWMn2NPZnVKcRX+eJf+Q==,type:str]
+      recipient: age1llkxtfx4dgnezmukj4ganx4ql9k4ga4ca9zuanf5r568jfp8peeqal490q
+  lastmodified: "2026-05-26T09:09:21Z"
+  mac: ENC[AES256_GCM,data:NGVGI70dGuJS4qMfpy3tE9MTvX9O8Rwt+Nv+gdqLUkleMEe8sWKbAgfFyWIYxroo7AXFEl3jIFQ7pmcvnSTUBprR7mL3//3QcXQXthxW/mVCf4DRtr7fcqAtctTrC2iRZnZ1YrOz/sSO7G0bgmcx43tYDZPZ+udNKO2pvZvclCE=,iv:xvDS6QVfOPcLk0C12YES2CVKCs6pWl7xPReWtgCyMIw=,tag:pXfFkbWWQpMlwE6g6nO2hQ==,type:str]
   pgp:
     - created_at: "2026-05-20T02:08:48Z"
       enc: |-
@@ -187,4 +186,4 @@ sops:
         -----END PGP MESSAGE-----
       fp: 41FFAF3D519CF5C039FBD8414BCC213729AF0E49
   unencrypted_suffix: _unencrypted
-  version: 3.12.2
+  version: 3.13.1
diff --git a/inventories/z9/host_vars/light.yaml b/inventories/z9/host_vars/light.yaml
index c14515d..2fb01e3 100644
--- a/inventories/z9/host_vars/light.yaml
+++ b/inventories/z9/host_vars/light.yaml
@@ -67,12 +67,6 @@ certbot__certs:
       subdomain: "e59f55ee-9013-469d-a146-a159721b6fea"
       apiUser: "33e96ec7-1f98-4f70-92be-85a42dabd211"
       apiKey: "{{ secret__acme_dns_api_key_light_ccchh_net }}"
-  - commonName: "light.z9.ccchh.net"
-    challengeType: "dns-01-acme-dns"
-    dns_01_acme_dns:
-      subdomain: "3bc9e7ce-03dd-4533-a059-b5d38407eaa5"
-      apiUser: "c3b00882-ca2a-4d11-9ebd-fccfb8618b75"
-      apiKey: "{{ secret__acme_dns_api_key_light_z9_ccchh_net }}"
   - commonName: "light-werkstatt.ccchh.net"
     challengeType: "dns-01-acme-dns"
     dns_01_acme_dns:
diff --git a/inventories/z9/hosts.yaml b/inventories/z9/hosts.yaml
index 47254ea..237a8cc 100644
--- a/inventories/z9/hosts.yaml
+++ b/inventories/z9/hosts.yaml
@@ -1,14 +1,16 @@
 all:
   hosts:
     dooris:
-      ansible_host: dooris.z9.ccchh.net
+      ansible_host: dooris.ccchh.net
       ansible_user: chaos
     light:
-      ansible_host: light.z9.ccchh.net
+      ansible_host: light.ccchh.net
       ansible_user: chaos
     opensourcetorrents:
       ansible_host: opensourcetorrents.ccchh.net
       ansible_user: chaos
+    thinkcccore0:
+      ansible_host: thinkcccore0.ccchh.net
     waybackproxy:
       ansible_host: waybackproxy.ccchh.net
       ansible_user: chaos
diff --git a/resources/z9/light/nginx/light.conf b/resources/z9/light/nginx/light.conf
index 6217e04..8d90258 100644
--- a/resources/z9/light/nginx/light.conf
+++ b/resources/z9/light/nginx/light.conf
@@ -25,23 +25,6 @@ server {
     }
 }
 
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-    http2 on;
-
-    server_name light.z9.ccchh.net;
-
-    ssl_certificate /etc/letsencrypt/live/light.z9.ccchh.net/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/light.z9.ccchh.net/privkey.pem;
-    # verify chain of trust of OCSP response using Root CA and Intermediate certs
-    ssl_trusted_certificate /etc/letsencrypt/live/light.z9.ccchh.net/chain.pem;
-
-    location / {
-        return 307 https://light.ccchh.net$request_uri;
-    }
-}
-
 server {
     listen 443 ssl;
     listen [::]:443 ssl;