diff --git a/Timeline.org b/Timeline.org
index 4e2d139..faf3e60 100644
--- a/Timeline.org
+++ b/Timeline.org
@@ -29,15 +29,17 @@
     - [ ] VPN setup
 *** TODO Wireguard [0/1] [0%]
     - [ ] Encrypted DNS
-** Data sync [0/2] [0%]
-*** IN-PROGRESS Syncthing [1/3] [33%]
+** Data sync [1/2] [50%]
+*** IN-PROGRESS Syncthing [2/3] [66%]
     - [X] Basic configuration
-    - [ ] Relay server
+    - [X] Relay server
     - [ ] Discovery server
-*** TODO Radicale
+*** DONE Radicale
+    CLOSED: [2019-11-08 Fri 13:51]
 ** Web stack [0/7] [0%]
-*** TODO Nginx [0/1] [0%]
+*** TODO Nginx [0/2] [0%]
     - [ ] Radicale reverse proxy
+    - [ ] Syncthing discovery reverse proxy
 *** TODO PHP [0/1] [0%]
     - [ ] Php-fpm
 *** TODO PostgreSQL [0/1] [0%]
diff --git a/modules/datasync.nix b/modules/datasync.nix
index 967bbda..697b603 100644
--- a/modules/datasync.nix
+++ b/modules/datasync.nix
@@ -41,20 +41,29 @@
         Projects.path = "/vault/syncthing/Projects";
       };
     };
-    #relay = {
-      #enable = true;
-      #pools = "";
-    #};
+    relay = {
+      enable = true;
+      pools = [ "" ];
+      listenAddress = "0.0.0.0";
+    };
   };
 
   # Enable Radicale
   services.radicale = {
     enable = true;
     config = ''
+      [server]
+      hosts = 0.0.0.0:5232
+      max_connections = 20
+      max_content_length = 100000000
+      timeout = 30
 
+      [auth]
+      type = htpasswd
+      htpasswd_filename = /var/lib/radicale/radicale.users
+      htpasswd_encryption = plain
+      delay = 1
     '';
   };
 
-
-
 }
diff --git a/modules/networking.nix b/modules/networking.nix
index c1e5839..dc126dd 100644
--- a/modules/networking.nix
+++ b/modules/networking.nix
@@ -32,7 +32,7 @@
 
   # Firewall configuration
   networking.firewall = {
-    allowedTCPPorts = [ 631 6566 22067 8384 ];
+    allowedTCPPorts = [ 631 6566 22067 8384 5232 ];
     autoLoadConntrackHelpers = true;
     connectionTrackingModules = [ "sane" ];
   };