diff --git a/conf.d/default.conf b/conf.d/default.conf
index c939065..5eef7f5 100644
--- a/conf.d/default.conf
+++ b/conf.d/default.conf
@@ -20,7 +20,7 @@ server {
 include /etc/nginx/conf.d/fet.at/*.conf;
-include /etc/nginx/conf.d/triton20.fet.at/*.conf;
-include /etc/nginx/conf.d/luna.fet.at/*.conf;
+#include /etc/nginx/conf.d/triton20.fet.at/*.conf;
+#include /etc/nginx/conf.d/luna.fet.at/*.conf;
diff --git a/conf.d/fet.at/default.conf b/conf.d/fet.at/default.conf
index 326edb6..75af7b7 100644
--- a/conf.d/fet.at/default.conf
+++ b/conf.d/fet.at/default.conf
@@ -2,9 +2,54 @@ server {
 listen 443 ssl;
 server_name fet.at;
 include ssl.conf;
-
- set $proxy_host triton20;
- set $proxy_port 8080;
- include default_proxy.conf;
+ #changed 22.9.22, andis
+ client_max_body_size 50M;
+
+
+# set $proxy_host triton20;
+# set $proxy_port 8080;
+
+
+ set $proxy_host fetsite2023;
+ set $proxy_port 8000;
+
+
+
+
+# location / { return 503 'Andis rulez'; }
+ #include default_proxy.conf;
+
+ location / {
+ include proxy.conf;
+ include secure.conf;
+ proxy_pass http://$proxy_host:$proxy_port;
+ #more_set_headers "Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' ; frame-ancestors 'self'";
+ more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
+ }
+
+
+ location /etherpad {
+ include proxy.conf;
+ include secure.conf;
+ proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
+ #more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
+ more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'self' ";
+ proxy_pass http://$proxy_host:$proxy_port;
+ }
+
+ location /admin {
+ include proxy.conf;
+ include secure.conf;
+ proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
+ more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
+ proxy_pass http://$proxy_host:$proxy_port;
+ }
+}
+
+server {
+ listen 443 ssl;
+ server_name www.fet.at;
+ include ssl.conf;
+ return 302 https://fet.at$request_uri;
 }
diff --git a/conf.d/fet.at/docker.conf b/conf.d/fet.at/docker.conf
index 0914abd..f5942f4 100644
--- a/conf.d/fet.at/docker.conf
+++ b/conf.d/fet.at/docker.conf
@@ -3,9 +3,17 @@ server {
 include ssl.conf;
 server_name docker.fet.at;
- set $proxy_host triton20;
+ set $proxy_host docker;
 set $proxy_port 5000;
- include default_proxy.conf;
+ location / {
+ include proxy.conf;
+ include secure.conf;
+ proxy_set_header X-Forwarded-Proto https;
+ client_max_body_size 0;
+ proxy_pass http://$proxy_host:$proxy_port;
+ }
+
+
 }
diff --git a/conf.d/fet.at/git.conf b/conf.d/fet.at/git.conf
index 366c2af..9f58cfb 100644
--- a/conf.d/fet.at/git.conf
+++ b/conf.d/fet.at/git.conf
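Review bot: The `proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";` line in `location /admin` (and the identical one in `location /etherpad`) tags the upstream's cookies as cross-site sendable, which gives up the browser-side CSRF protection for the admin session. It also adds no `Secure` attribute, and current browsers drop `SameSite=None` cookies that lack it unless the upstream already sets `Secure` itself. The policies in this hunk use `frame-ancestors 'none'` for /admin and `'self'` for /etherpad, so nothing visible here needs these cookies in a third-party context; `proxy_cookie_path ~^/(.+)$ "/$1; Secure; SameSite=Lax";` would be the safer value. Separately, `'unsafe-inline'` is not a meaningful source for `connect-src` or `font-src` and can be removed from those directives.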
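Review bot: `client_max_body_size 0;` in the new `location /` of docker.conf removes the request-body limit for docker.fet.at without a comment saying why, and nothing in this hunk shows authentication in front of the service on port 5000. If unbounded uploads are intended (this looks like a registry receiving layer pushes), say so inline, e.g. `# 0 = unlimited; image layer uploads exceed any fixed cap`. Please also confirm that `secure.conf` or the upstream enforces authentication, since an unauthenticated endpoint with no size limit lets any client fill the backing disk.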
@@ -1,13 +1,17 @@
 server {
 listen 443 ssl;
 include ssl.conf;
-
+ #changed 29.11.22, pet
+ client_max_body_size 50M;
+
+
+# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 server_name git.fet.at;
 set $proxy_host zyklon;
 set $proxy_port 3000;
 location / {
 include proxy.conf;
-# add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
+ more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
 proxy_pass http://zyklon:3000;
 }
 }
diff --git a/conf.d/fet.at/horde.conf.txt b/conf.d/fet.at/horde.conf.txt
deleted file mode 100644
index a2b11be..0000000
--- a/conf.d/fet.at/horde.conf.txt
+++ /dev/null
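Review bot: The added comment `# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` leaves a ready-made line in git.conf that would re-enable the deprecated TLS 1.0 and 1.1 for this vhost if someone uncomments it. Delete it, or replace it with a note such as `# TLS versions come from ssl.conf; do not override per vhost`. The `location /` block here includes `proxy.conf` but not `secure.conf`, unlike the locations added elsewhere in this commit; if that is deliberate, a one-line comment saying why would help. `'unsafe-inline'` in `font-src` has no effect and can be dropped.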
@@ -1,61 +0,0 @@
-
-server {
- listen 443 ssl;
- include ssl.conf;
-
- server_name fet.htu.tuwien.ac.at;
- location / {
- return 302 https://mail.fet.at$request_uri;
- }
-
-}
-
-
-server {
- listen 443 ssl;
- include ssl.conf;
-
- server_name mail.fet.at www.mail.fet.at;
-
-# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
-
- location / {
- include secure.conf;
- root /var/www/mail;
- }
-
- location /mail5/ {
-# include proxy.conf;
-# include secure.conf;
- proxy_pass http://192.168.249.4/;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header Host horde.fet.htu.tuwien.ac.at;
- proxy_set_header X-Forwarded-Host $host;
- }
-
- location /mail3/ {
- include proxy.conf;
- include secure.conf;
- proxy_pass http://192.168.249.4/;
- proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_buffering off;
- }
-
- location /images/ {
- include secure.conf;
- root /var/www/mail;
- }
-
- location = /mail {
- return 301 https://$host;
- }
-
- location /mail/ {
- include secure.conf;
- root /var/www/mail;
- }
-
-
-}
-
diff --git a/conf.d/fet.at/jenkins.conf b/conf.d/fet.at/jenkins.conf
index b2d0793..6ab450b 100644
--- a/conf.d/fet.at/jenkins.conf
+++ b/conf.d/fet.at/jenkins.conf
@@ -9,3 +9,21 @@ server {
 include default_proxy.conf;
 }
+server {
+ listen 443 ssl;
+ include ssl.conf;
+
+ server_name jenkins2.fet.at;
+ set $proxy_host jenkins;
+ set $proxy_port 8080;
+ location / {
+ include proxy.conf;
+ include secure.conf;
+ proxy_set_header "X-Forwarded-Port" "443";
+ proxy_set_header "X-Forwarded-Proto" "https";
+ proxy_set_header "X-Forwarded-Host" "jenkins2.fet.at";
+ more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'self'";
+ proxy_pass http://$proxy_host:$proxy_port;
+ }
+
+}
diff --git a/conf.d/fet.at/mail.conf b/conf.d/fet.at/mail.conf
index a2b11be..3ae8fed 100644
--- a/conf.d/fet.at/mail.conf
+++ b/conf.d/fet.at/mail.conf
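Review bot: The `more_set_headers "Content-Security-Policy: ..."` line in the new jenkins2.fet.at `location /` replaces any Content-Security-Policy the upstream sends. Jenkins by default attaches its own sandboxing policy to workspace and archived-artifact responses so that HTML produced by builds cannot run script in the Jenkins origin. With this override those responses would instead carry `script-src 'self' 'unsafe-inline' 'unsafe-eval'`, which weakens that protection for every logged-in user who opens a build artifact. Check a response for an archived HTML file through the proxy; if the upstream policy is gone, scope this header so it is not applied to those paths and add a comment such as `# do not override Jenkins' own CSP on artifact/userContent responses`. `'unsafe-inline'` in `connect-src` and `font-src` has no meaning and can be removed.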
@@ -1,61 +1,12 @@
-
 server {
 listen 443 ssl;
 include ssl.conf;
-
- server_name fet.htu.tuwien.ac.at;
- location / {
- return 302 https://mail.fet.at$request_uri;
- }
-
-}
-
-
-server {
- listen 443 ssl;
- include ssl.conf;
-
- server_name mail.fet.at www.mail.fet.at;
-
-# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
-
- location / {
- include secure.conf;
- root /var/www/mail;
- }
- location /mail5/ {
-# include proxy.conf;
-# include secure.conf;
- proxy_pass http://192.168.249.4/;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header Host horde.fet.htu.tuwien.ac.at;
- proxy_set_header X-Forwarded-Host $host;
- }
-
- location /mail3/ {
- include proxy.conf;
- include secure.conf;
- proxy_pass http://192.168.249.4/;
- proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_buffering off;
- }
-
- location /images/ {
- include secure.conf;
- root /var/www/mail;
- }
-
- location = /mail {
- return 301 https://$host;
- }
-
- location /mail/ {
- include secure.conf;
- root /var/www/mail;
- }
-
+ server_name mail.fet.at;
+ set $proxy_host webmail;
+ set $proxy_port 80;
+
+ include insecure_proxy.conf;
+ rewrite ^(/.*)$ /roundcube$1 break;
 }
-
diff --git a/conf.d/fet.at/ticket.conf b/conf.d/fet.at/ticket.conf
index e1d939a..8218674 100644
--- a/conf.d/fet.at/ticket.conf
+++ b/conf.d/fet.at/ticket.conf
@@ -5,7 +5,8 @@ server {
 server_name ticket.fet.at;
 set $proxy_host proteus;
 set $proxy_port 80;
+ more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
- include default_proxy.conf;
+ include insecure_proxy.conf;
 }
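Review bot: The rewritten mail.fet.at server block proxies webmail through `include insecure_proxy.conf;` and, unlike the other vhosts touched in this commit, sets no Content-Security-Policy and includes no `secure.conf`. The content of that include is not visible here, but if it omits the hardening headers as its name suggests, a webmail login and mailbox view is where their absence costs the most; ticket.conf makes the same switch away from `default_proxy.conf`. Please add a comment recording why the insecure variant is required, e.g. `# secure.conf headers break roundcube: <reason>`, and consider an explicit per-vhost policy as done for the other hosts.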
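Review bot: The `Content-Security-Policy-Report-Only` header added to ticket.conf carries no `report-uri` or `report-to` directive, so violations are only printed in each visitor's browser console and the people operating the site never see them. Either add a reporting endpoint to the policy or mark the line as a temporary manual test, e.g. `# report-only while tuning; switch to enforcing CSP once clean`. `'unsafe-inline'` in `connect-src` and `font-src` has no meaning in those directives and can be dropped before the policy is made enforcing.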