diff --git a/hosts/tanzanite/default.nix b/hosts/tanzanite/default.nix
index 0130f96..3a9a1cc 100644
--- a/hosts/tanzanite/default.nix
+++ b/hosts/tanzanite/default.nix
@@ -24,6 +24,7 @@ in {
     defaults.dnsProvider = "porkbun";
     defaults.environmentFile = "/persist/acme/porkbun.tokens";
     certs = {
+      "turn.stitchy.moe" = {};
     };
   };
 
@@ -69,7 +70,11 @@ in {
   };
 
   networking.firewall = {
-    allowedTCPPorts = [ 22 80 222 443 ];
+    allowedTCPPorts = [ 22 80 222 443 3478 5349 ];
+    allowedUDPPorts = [ 3478 5349 ];
+    allowedUDPPortRanges = [
+    { from = 19000; to = 20000; }
+    ];
   };
 
   # Boot Config