diff --git a/hosts/vps-monitor/default.nix b/hosts/vps-monitor/default.nix
index 6cc1550..cd49612 100644
--- a/hosts/vps-monitor/default.nix
+++ b/hosts/vps-monitor/default.nix
@@ -59,7 +59,7 @@
 
         ntfy = {
           enable = true;
-          domain = "alerts.sprouted.cloud";
+          domain = "alerts.${privateDomain}";
         };
 
         grafana = {
diff --git a/hosts/vps-public/default.nix b/hosts/vps-public/default.nix
index 0b8358e..78f675c 100644
--- a/hosts/vps-public/default.nix
+++ b/hosts/vps-public/default.nix
@@ -38,6 +38,12 @@
 
       nebula.enable = true;
       sshd.enable = true;
+
+      crowdsec = {
+        enable = true;
+        bouncers.firewall = true;
+      };
+
     };
 
     web-services =
diff --git a/modules/system/web-services/gatus.nix b/modules/system/web-services/gatus.nix
index 12105c6..163b882 100644
--- a/modules/system/web-services/gatus.nix
+++ b/modules/system/web-services/gatus.nix
@@ -113,7 +113,7 @@ in
         connectivity.checker.target = "1.1.1.1:53"; # Cloudflare DNS
         alerting.ntfy = {
           topic = "uptime";
-          url = "https://alerts.sprouted.cloud";
+          url = "https://alerts.${config.custom.networking.overlay.domain}";
           click = "https://${cfg.domain}";
           default-alert = {
             enable = true;
@@ -122,8 +122,8 @@ in
             send-on-resolved = true;
           };
           overrides = lib.singleton {
-            group = config.networking.hostName;
-            topic = "splitleaf";
+            group = "Monitoring";
+            topic = "stork-atlas";
             url = "https://ntfy.sh";
             default-alert = {
               failure-threshold = 4;