diff --git a/kubernetes.tf b/kubernetes.tf
index ed5d3f8..0011d03 100644
--- a/kubernetes.tf
+++ b/kubernetes.tf
@@ -13,7 +13,10 @@ module "etcd" {
 }
 
 module "kubelet-master" {
-  source     = "modules/kubelet"
+  source   = "modules/kubelet"
+  host_ip  = "${var.ips["dovpn"]}"
+  k8s_host = "k8s.${var.root-domain}"
+
   depends_on = "${module.bootkube-start.image}"
 
   providers = {
diff --git a/main.tf b/main.tf
index 1b3d938..1329e2f 100644
--- a/main.tf
+++ b/main.tf
@@ -67,12 +67,11 @@ module "resilio" {
 }
 
 module "media" {
-  source                 = "media"
-  domain                 = "bb8.fun"
-  traefik-labels         = "${var.traefik-common-labels}"
-  airsonic-smtp-password = "${var.airsonic-smtp-password}"
-  ips                    = "${var.ips}"
-  traefik-network-id     = "${module.docker.traefik-network-id}"
+  source             = "media"
+  domain             = "bb8.fun"
+  traefik-labels     = "${var.traefik-common-labels}"
+  ips                = "${var.ips}"
+  traefik-network-id = "${module.docker.traefik-network-id}"
 }
 
 module "monitoring" {
diff --git a/media/airsonic.tf b/media/airsonic.tf
index 695e5a0..8de3640 100644
--- a/media/airsonic.tf
+++ b/media/airsonic.tf
@@ -60,12 +60,15 @@ module "airsonic" {
   ]
 }
 
-data "template_file" "airsonic-properties-file" {
-  template = "${file("${path.module}/conf/airsonic.properties.tpl")}"
+# data "template_file" "airsonic-properties-file" {
+#   template = "${file("${path.module}/conf/airsonic.properties.tpl")}"
 
-  vars {
-    smtp-password = "${var.airsonic-smtp-password}"
 
-    # db-password   = "${var.airsonic-db-password}"
-  }
-}
+#   vars {
+#     smtp-password = "${var.airsonic-smtp-password}"
+
+
+#     # db-password   = "${var.airsonic-db-password}"
+#   }
+# }
+
diff --git a/media/variables.tf b/media/variables.tf
index 0fdd605..1d66838 100644
--- a/media/variables.tf
+++ b/media/variables.tf
@@ -2,7 +2,7 @@ variable "domain" {
   type = "string"
 }
 
-variable "airsonic-smtp-password" {}
+# variable "airsonic-smtp-password" {}
 
 variable "traefik-labels" {
   type = "map"
diff --git a/modules/bootkube/main.tf b/modules/bootkube/main.tf
index cb9d95f..403796f 100644
--- a/modules/bootkube/main.tf
+++ b/modules/bootkube/main.tf
@@ -11,7 +11,7 @@ resource "docker_container" "render" {
   command = [
     "bootkube",
     "render",
-    "--etcd-servers=http://${host_ip}:2379",
+    "--etcd-servers=http://${var.host_ip}:2379",
     "--asset-dir=/home/.bootkube",
     "--api-servers=https://kubernetes.default:${var.host_port},https://${var.k8s_host}:${var.host_port},https://${var.host_ip}:${var.host_port}",
     "--pod-cidr=${var.pod_cidr}",
diff --git a/modules/kubelet/main.tf b/modules/kubelet/main.tf
index 2ca7012..76d918c 100644
--- a/modules/kubelet/main.tf
+++ b/modules/kubelet/main.tf
@@ -81,29 +81,45 @@ resource "docker_container" "kubelet" {
   }
   command = [
     "kubelet",
-    "--kubeconfig=/etc/kubernetes/kubeconfig",
-    "--client-ca-file=/etc/kubernetes/ca.crt",
-    "--anonymous-auth=false",
-    "--cni-conf-dir=/etc/kubernetes/cni/net.d",
-    "--network-plugin=cni",
-    "--lock-file=/var/run/lock/kubelet.lock",
-    "--exit-on-lock-contention",
-    "--pod-manifest-path=/etc/kubernetes/manifests",
     "--allow-privileged",
+    "--anonymous-auth=false",
+    "--cert-dir=/var/lib/kubelet/pki",
+    "--client-ca-file=/etc/kubernetes/ca.crt",
+    "--cni-conf-dir=/etc/kubernetes/cni/net.d",
+    "--exit-on-lock-contention=true",
+    "--hostname-override=${var.host_ip}",
+    "--kubeconfig=/etc/kubernetes/kubeconfig",
+    "--lock-file=/var/run/lock/kubelet.lock",
     "--minimum-container-ttl-duration=10m0s",
+    "--network-plugin=cni",
+    "--node-labels=node-role.kubernetes.io/master",
+    "--pod-manifest-path=/etc/kubernetes/manifests",
+    "--rotate-certificates",
+
+    // TODO: Change to var
     "--cluster_dns=10.25.0.10",
-    "--cluster_domain=k8s.bb8.fun",
+
+    "--cluster_domain=${var.k8s_host}",
   ]
+  host {
+    host = "kubernetes.default"
+    ip   = "${var.host_ip}"
+  }
+  host {
+    host = "${var.k8s_host}"
+    ip   = "${var.host_ip}"
+  }
 
   # TODO
   # "--register-with-taints=${var.node_taints}",
   # "--node-labels=${var.node_label}",
 
-  network_mode    = "host"
-  privileged      = true
-  restart         = "no"
-  must_run        = false
-  max_retry_count = 1
+  network_mode = "host"
+  privileged   = true
+  restart      = "no"
+  must_run     = false
+
+  # max_retry_count = 1
 }
 
 data "docker_registry_image" "image" {
diff --git a/modules/kubelet/variables.tf b/modules/kubelet/variables.tf
index b754c86..ca3025d 100644
--- a/modules/kubelet/variables.tf
+++ b/modules/kubelet/variables.tf
@@ -17,3 +17,9 @@ variable "depends_on" {
 variable "asset_dir_volume_name" {
   default = "k8s-assets"
 }
+
+variable "host_ip" {}
+
+variable "k8s_host" {
+  description = "kubenetes hostname"
+}