diff --git a/hosts/koi/configuration.nix b/hosts/koi/configuration.nix
index cacff3a..9475ee6 100755
--- a/hosts/koi/configuration.nix
+++ b/hosts/koi/configuration.nix
@@ -12,6 +12,7 @@
 
     ./partials/fde.nix
     ./partials/docker.nix
+    ./partials/avahi.nix
 
     ./services/coredns.nix
     ./services/sing-box.nix
diff --git a/hosts/koi/containers/sftpgo/default.nix b/hosts/koi/containers/sftpgo/default.nix
index 412de55..a65adfd 100644
--- a/hosts/koi/containers/sftpgo/default.nix
+++ b/hosts/koi/containers/sftpgo/default.nix
@@ -4,6 +4,7 @@ let
   secrets = import (abs "lib/secrets.nix");
 
   UID = 1112;
+  WEBDAV_PORT = 16821;
 in {
   imports = [
     (secrets.declare [{
@@ -45,6 +46,9 @@ in {
     environmentFiles = [
       (secrets.file config "sftpgo-env")
     ];
+    ports = [
+      "${builtins.toString WEBDAV_PORT}:80"
+    ];
   };
 
   systemd.tmpfiles.rules = [
@@ -52,17 +56,34 @@ in {
     "d /srv/sftpgo/config 0700 ${builtins.toString UID} ${builtins.toString UID} -"
   ];
 
-  services.nginx.virtualHosts."puffer.stupid.fish" = {
-    forceSSL = true;
-    useACMEHost = "stupid.fish";
+  services.nginx.virtualHosts = {
+    "puffer.stupid.fish" = {
+      forceSSL = true;
+      useACMEHost = "stupid.fish";
 
-    locations."/" = {
-      proxyPass = "http://sftpgo.docker:8080$request_uri";
-      proxyWebsockets = true;
-    };
+      locations."/" = {
+        proxyPass = "http://sftpgo.docker:8080$request_uri";
+        proxyWebsockets = true;
+      };
 
-    locations."/dav/" = {
-      proxyPass = "http://sftpgo.docker:80$request_uri";
+      locations."/dav/" = {
+        proxyPass = "http://sftpgo.docker:80$request_uri";
+      };
     };
   };
+
+  networking.firewall.allowedTCPPorts = [ WEBDAV_PORT ];
+
+  services.avahi.extraServiceFiles.puffer-lan = ''
+    <?xml version="1.0" standalone='no'?>
+    <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+    <service-group>
+      <name>puffer-lan</name>
+      <service>
+        <port>${builtins.toString WEBDAV_PORT}</port>
+        <type>_webdav._tcp</type>
+        <txt-record>path=/dav/</txt-record>
+      </service>
+    </service-group>
+  '';
 }
\ No newline at end of file
diff --git a/hosts/koi/partials/avahi.nix b/hosts/koi/partials/avahi.nix
new file mode 100644
index 0000000..20f99c5
--- /dev/null
+++ b/hosts/koi/partials/avahi.nix
@@ -0,0 +1,13 @@
+{
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+    publish = {
+      enable = true;
+      userServices = true;
+    };
+
+    allowInterfaces = [ "br0" ];
+  };
+}
\ No newline at end of file