diff --git a/Makefile b/Makefile
index 6250f14..12ecce5 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ define CONFIG_MSG =
-You do not have a config.mk file.
+You do not have a config.mk file, or the one you have is out of date.
 Please run "./configure" or copy `config.mk.in` to `config.mk` and edit its settings
diff --git a/ansible/inventory.tmpl.yaml b/ansible/inventory.tmpl.yaml
index babf63e..4b90fc5 100644
--- a/ansible/inventory.tmpl.yaml
+++ b/ansible/inventory.tmpl.yaml
@@ -14,6 +14,7 @@ social:
 mastodon_sidekiq_count: {{MASTODON_SIDEKIQ_COUNT}}
 mastodon_sidekiq_threads: {{MASTODON_SIDEKIQ_THREADS}}
 public_ip: "{{PUBLIC_IP}}"
+ my_ip: "{{MY_IP}}"
 s3_bucket_name: "{{S3_BUCKET_NAME}}"
 #s3_endpoint:
 s3_hostname: "s3.{{AWS_REGION}}.amazonaws.com"
diff --git a/ansible/roles/mastodon/templates/nginx.conf b/ansible/roles/mastodon/templates/nginx.conf
index 016faaa..2ae31cb 100644
--- a/ansible/roles/mastodon/templates/nginx.conf
+++ b/ansible/roles/mastodon/templates/nginx.conf
@@ -33,18 +33,12 @@ server {
 listen 8448 ssl http2 default_server;
 listen [::]:8448 ssl http2 default_server;
-# ssl_protocols TLSv1.2 TLSv1.3;
-# ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
-# ssl_prefer_server_ciphers on;
-# ssl_session_cache shared:SSL:10m;
-# ssl_session_tickets off;
+ allow {{ my_ip }}/32;
+ deny all;
- # Uncomment these lines once you acquire a certificate:
- # ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
- # ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
- ssl_trusted_certificate /etc/letsencrypt/live/www.poorsquinky.com-0002/chain.pem;
- ssl_certificate /etc/letsencrypt/live/www.poorsquinky.com-0002/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/www.poorsquinky.com-0002/privkey.pem;
+ ssl_trusted_certificate /etc/letsencrypt/live/{{ domain_name }}/chain.pem;
+ ssl_certificate /etc/letsencrypt/live/{{ domain_name }}/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/{{ domain_name }}/privkey.pem;
 ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 ssl_protocols TLSv1.2 TLSv1.3;
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
index 949d6d5..1ad0221 100644
--- a/terraform/outputs.tf
+++ b/terraform/outputs.tf
@@ -12,7 +12,7 @@ output "nameservers" {
 output "s3_bucket_name" {
 value = module.s3_bucket.s3_bucket_id
 }
-output "myip" {
+output "my_ip" {
 value = "${chomp(data.http.myip.body)}"
 }
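Review bot: In ansible/roles/mastodon/templates/nginx.conf the added `allow {{ my_ip }}/32;` hard-codes an IPv4 host mask, while the same server block also listens on `[::]:8448`. If `my_ip` ever holds an IPv6 address, nginx would read `/32` as an IPv6 prefix length and admit a very large address range rather than one host; if it is empty, the rendered `allow /32;` should fail the nginx config check and block a reload. Dropping the mask, `allow {{ my_ip }};`, matches exactly one host in either address family. The value appears to be the operator's address captured at provisioning time (the `my_ip` Terraform output), so a comment such as `# provisioning host only; re-run the playbook when that address changes` above the rule would help the next maintainer. The server block starts and ends outside this hunk.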
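Review bot: The renamed `my_ip` output in terraform/outputs.tf passes the body of an external HTTP lookup straight through, and a value of the same name in this commit ends up in an nginx `allow` rule, so whatever that endpoint returns appears to become an access-control entry. Nothing visible here checks that the body is a single IPv4 address; an error page, an IPv6 address or a tampered response would flow on unchanged. A `precondition` on the output (Terraform 1.2 or later; the required version is not visible here) can reject anything else by way of `cidrnetmask`, which accepts only IPv4 CIDR notation. The `data.http.myip` source is outside the hunk, so confirm that it uses an HTTPS URL.

```hcl
output "my_ip" {
  value = "${chomp(data.http.myip.body)}"

  precondition {
    condition     = can(cidrnetmask("${chomp(data.http.myip.body)}/32"))
    error_message = "IP lookup did not return a single IPv4 address."
  }
}
```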