diff --git a/nixos/mirai/services/homepage.nix b/nixos/mirai/services/homepage.nix
index 01d3225a..ad792f16 100644
--- a/nixos/mirai/services/homepage.nix
+++ b/nixos/mirai/services/homepage.nix
@@ -114,6 +114,13 @@
                 href = "https://photos.darksailor.dev";
               };
             }
+            {
+              "Excalidraw" = {
+                icon = "excalidraw.png";
+                description = "Excalidraw: Self-hosted Collaborative Whiteboard";
+                href = "https://draw.darksailor.dev";
+              };
+            }
           ];
         }
       ];
diff --git a/nixos/tsuba/services/caddy.nix b/nixos/tsuba/services/caddy.nix
index 99ead64e..340e45e7 100644
--- a/nixos/tsuba/services/caddy.nix
+++ b/nixos/tsuba/services/caddy.nix
@@ -12,11 +12,6 @@
     };
   };
   services = {
-    tailscaleAuth = {
-      enable = true;
-      user = config.services.caddy.user;
-      group = config.services.caddy.group;
-    };
     caddy = {
       enable = true;
       extraConfig = ''
@@ -29,20 +24,10 @@
             }
         }
         (auth) {
-           forward_auth unix/${config.services.tailscaleAuth.socketPath} {
-                uri /auth
-                header_up Remote-Addr {remote_host}
-                header_up Remote-Port {remote_port}
-                header_up Original-URI {uri}
-                copy_headers {
-                    Tailscale-User>X-Webauth-User
-                    Tailscale-Name>X-Webauth-Name
-                    Tailscale-Login>X-Webauth-Login
-                    Tailscale-Tailnet>X-Webauth-Tailnet
-                    Tailscale-Profile-Picture>X-Webauth-Profile-Picture
-                }
+            forward_auth https://auth.darksailor.dev {
+               uri /api/authz/forward-auth
+               copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
             }
-
         }
       '';
       package = pkgs.caddy.withPlugins {