diff --git a/config/nix.nix b/config/nix.nix
index e9b5ea9..53ba475 100644
--- a/config/nix.nix
+++ b/config/nix.nix
@@ -9,8 +9,6 @@
     extraOptions = ''
       build-timeout = 86400  # 24 hours
     '';
-    sshServe.enable = if config.services.hydra.enable then true else false;
-    sshServe.keys = if config.services.hydra.enable then [ (builtins.readFile /secret/nix-ssh.pub) ] else [];
     binaryCachePublicKeys = [ (builtins.readFile /secret/hydra_cache.pub) ];
     trustedBinaryCaches = [
       "https://cache.nixos.org"
diff --git a/machines/Lilim/hardware-configuration.nix b/machines/Lilim/hardware-configuration.nix
index f1fef71..fbf3081 100644
--- a/machines/Lilim/hardware-configuration.nix
+++ b/machines/Lilim/hardware-configuration.nix
@@ -2,6 +2,7 @@
 
 let
  localpkgs = import <nixpkgs-local> {};
+# vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
 in {
   imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
 
@@ -9,7 +10,7 @@ in {
     loader.systemd-boot.enable = true;
     loader.efi.canTouchEfiVariables = true;
     cleanTmpDir = true;
-    kernelPackages = pkgs.linuxPackages_latest;
+    kernelPackages = pkgs.linuxPackages_4_19;
     initrd.kernelModules = [ "hid-multitouch" ];
     initrd.availableKernelModules = [ "hid-microsoft" "hid-multitouch" "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
     kernelModules = [ "kvm-intel" "hid-microsoft" "hid-multitouch" "uinput" ];
diff --git a/services/hydra.nix b/services/hydra.nix
index 91ed123..03ad59c 100644
--- a/services/hydra.nix
+++ b/services/hydra.nix
@@ -10,7 +10,7 @@
 
 with lib;
 
-mkIf (elem "hydra" config.machine.services) {
+mkIf (elem "hydra" config.machine.services) rec {
   # also take a look at ../conf/nix.nix
   nix.buildMachines = [
     {
@@ -43,4 +43,16 @@ mkIf (elem "hydra" config.machine.services) {
       upload_logs_to_binary_cache = true
     '';
   };
+
+  services.nix-serve = {
+    enable = true;
+    bindAddress = "172.0.0.1";
+    port = 5000;
+    secretKeyFile = "/secret/hydra_cache";
+    extraParams = ''
+# Dont know how to change the store root yet...
+#      --user hydra-queue-runner
+#      --group hydra
+    ''; 
+  };  
 }
diff --git a/services/nginx.nix b/services/nginx.nix
index d08d16b..a1d4b76 100644
--- a/services/nginx.nix
+++ b/services/nginx.nix
@@ -42,13 +42,18 @@ mkIf (elem "nginx" config.machine.services) {
           }
         '';
       };
-      "cache.${config.machine.domain}" = mkIf config.services.hydra.enable {
+      "cache.${config.machine.domain}" = mkIf config.services.nix-serve.enable {
         enableACME = true;
         forceSSL = true;
-        root = "/var/cache/hydra";
-        # extraConfig = ''
-        #   autoindex on;
-        # '';
+        extraConfig = ''
+          location / {
+            proxy_pass http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port};
+            proxy_set_header Host $http_host;
+            proxy_set_header REMOTE_ADDR $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto https;
+          }
+        '';
       };
       "mail.${config.machine.domain}" = mkIf config.mailserver.enable {
         enableACME = true;