diff --git a/inventory/host_vars/kichererbse.freifunk-mwu.de b/inventory/host_vars/kichererbse.freifunk-mwu.de
index 8ab9ab1..a52e128 100644
--- a/inventory/host_vars/kichererbse.freifunk-mwu.de
+++ b/inventory/host_vars/kichererbse.freifunk-mwu.de
@@ -4,3 +4,5 @@ server_type: "mesh-service"
 magic: 67
 
 nodejs_major_version: "10"
+
+http_dns_prefix: "dns-int"
diff --git a/roles/pdns-admin/templates/pdns_admin.conf.j2 b/roles/pdns-admin/templates/pdns_admin.conf.j2
index fd77d8d..dcb897a 100644
--- a/roles/pdns-admin/templates/pdns_admin.conf.j2
+++ b/roles/pdns-admin/templates/pdns_admin.conf.j2
@@ -1,20 +1,22 @@
 server {
     listen 80;
     listen [::]:80;
-    server_name dns-int.{{ http_domain_external }} dns-int.{{ http_domain_internal }};
+    server_name {{ http_dns_prefix }}.{{ http_domain_external }} {{ http_dns_prefix }}.{{ http_domain_internal }};
     return 301 https://$http_host$request_uri;
 }
 
 server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
-    server_name dns-int.{{ http_domain_external }} dns-int.{{ http_domain_internal }};
+    server_name {{ http_dns_prefix }}.{{ http_domain_external }} {{ http_dns_prefix }}.{{ http_domain_internal }};
     index index.html index.htm;
 
     ssl_certificate /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/fullchain.pem;
     ssl_certificate_key /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/privkey.pem;
     ssl_prefer_server_ciphers       on;
 
+    include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
+
     client_max_body_size            10m;
     client_body_buffer_size         128k;
     proxy_redirect                  off;