diff --git a/ekman/default.nix b/ekman/default.nix
index 71adbc2..9666deb 100644
--- a/ekman/default.nix
+++ b/ekman/default.nix
@@ -108,6 +108,7 @@ let
       firewall.extraCommands = ''
         iptables -I INPUT -s 10.255.241.0/24 -j ACCEPT
         iptables -I INPUT -s 10.255.243.0/24 -j ACCEPT
+        iptables -I INPUT -s 100.64.0.0/24 -j ACCEPT
       '';
     };
 
@@ -143,7 +144,9 @@ let
     features.hpc.slurm = {
         enable = true;
         client = true;
+        # clusterName = "ekman";
         mungeKey = ./munge.key;
+        # jwtKey = ./jwt_hs256.key;
         mungeUid = mkDefault 996; # hack
         # pkey = "0x7666";
         controlMachine = "ekman-manage";
diff --git a/ekman/jwt_hs256.key b/ekman/jwt_hs256.key
new file mode 100644
index 0000000..a2bde12
Binary files /dev/null and b/ekman/jwt_hs256.key differ
diff --git a/ekman/login/default.nix b/ekman/login/default.nix
index aa1eea0..084e836 100644
--- a/ekman/login/default.nix
+++ b/ekman/login/default.nix
@@ -26,7 +26,7 @@ in
         opt = false;
         work = true;
         data = true;
-        backup = true;
+        backup =false;
         ceph = true;
       };
     };
@@ -338,7 +338,7 @@ in
         "--login-server=https://headscale.svc.oceanbox.io"
         "--accept-dns"
         "--advertise-exit-node"
-        "--advertise-routes=10.255.241.241.0/24"
+        "--advertise-routes=10.255.241.0/24"
         "--advertise-tags=tag:ekman"
       ];
     };
diff --git a/ekman/manage/default.nix b/ekman/manage/default.nix
index 120f870..886b1ce 100644
--- a/ekman/manage/default.nix
+++ b/ekman/manage/default.nix
@@ -325,6 +325,7 @@ in {
       "--login-server=https://headscale.svc.oceanbox.io"
       "--accept-dns=false"
       "--advertise-exit-node"
+      "--advertise-routes=10.255.241.0/24"
     ];
   };