diff --git a/hosts/chunk/adguard.nix b/hosts/chunk/adguard.nix index 3223a9f..7bab3ea 100644 --- a/hosts/chunk/adguard.nix +++ b/hosts/chunk/adguard.nix @@ -11,6 +11,13 @@ password = "$2y$10$BZy2zYJj5z4e8LZCq/GwuuhWUafL/MNFO.YcsAMmpDS.2krPxi7KC"; } ]; + # do not listen eveywhere cause podman runs it's own DNS + dns.bind_hosts = [ + "127.0.0.1" + "::1" + "31.59.129.225" + "2a0f:85c1:840:2bfb::1" + ]; }; }; } diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 1de5cdc..e655365 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -172,13 +172,16 @@ }; # container stuff - virtualisation.container.enable = true; - vrtualisation.podman = { + virtualisation.containers.enable = true; + virtualisation.podman = { enable = true; # create 'docker' alias for podman, to use as # drop-in replacement dockerCompat = true; - defaultNetwork.settings.dns_enabled = true; + defaultNetwork.settings = { + dns_enabled = true; + ipv6_enabled = true; + }; }; virtualisation.oci-containers.backend = "podman"; } diff --git a/hosts/chunk/ghost.nix b/hosts/chunk/ghost.nix index 24ced0e..00274c7 100644 --- a/hosts/chunk/ghost.nix +++ b/hosts/chunk/ghost.nix @@ -1,9 +1,13 @@ -{...}: { +{ + pkgs, + config, + ... +}: { virtualisation.oci-containers.containers.ghost = { - imgage = "ghost:5-alpine"; + image = "ghost:5-alpine"; autoStart = true; ports = ["127.0.0.1:8084:2368"]; - pull = "always"; + pull = "newer"; environment = { database__client = "mysql"; database__connection__host = "ghost-db"; 
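Review bot: The new `dns.bind_hosts` list in hosts/chunk/adguard.nix still contains the host's public IPv4 and IPv6 addresses, and nothing visible in this hunk limits which clients may query them. Unless a firewall rule elsewhere restricts port 53, the instance may answer as an open resolver, which invites abuse for DNS amplification. If public reachability is intended, pair the bind list with AdGuard Home's `dns.allowed_clients` and a `dns.ratelimit` value; otherwise drop the two public entries. A comment such as `# public addresses are deliberate; client access is limited by <firewall rule / allowed_clients>` would record the intent. The surrounding settings attrset begins outside the hunk.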
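Review bot: In hosts/chunk/ghost.nix, `pull = "newer"` is combined with the floating, unqualified tag `ghost:5-alpine`, so each container start may silently replace the running image with whatever that tag currently points to. The short name also leaves the registry to podman's short-name resolution. Pinning the source keeps the deployment reproducible and makes image changes an explicit commit, for example `image = "docker.io/library/ghost:5-alpine@sha256:<digest>";`. The same applies to `mysql:8.0` in the `ghost-db` container of the next hunk, which also gains `pull = "newer"`. The container attrset continues past the end of this hunk.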
@@ -16,22 +20,32 @@ volumes = [ "/opt/ghost/data:/var/lib/ghost/content" ]; - networks = [ - "ghost-net" - ]; + networks = ["ghost-net"]; + dependsOn = ["ghost-db"]; }; virtualisation.oci-containers.containers.ghost-db = { image = "mysql:8.0"; autoStart = true; + pull = "newer"; environment = { MYSQL_ROOT_PASSWORD = "example"; }; volumes = [ "/opt/ghost/db:/var/lib/mysql" ]; - networks = [ - "ghost-net" + networks = ["ghost-net"]; + }; + + systemd.services.create-ghost-net = { + serviceConfig.Type = "oneshot"; + wantedBy = with config.virtualisation.oci-containers; [ + "${backend}-ghost.service" + "${backend}-ghost-db.service" ]; + script = '' + ${pkgs.podman}/bin/podman network exists ghost-net || \ + ${pkgs.podman}/bin/podman network create ghost-net + ''; }; }
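Review bot: The new `systemd.services.create-ghost-net` unit sets only `wantedBy`, which makes the container services pull it in but does not order it before them, so `podman-ghost.service` or `podman-ghost-db.service` can start before `ghost-net` exists. Add an ordering line with the same list, `before = with config.virtualisation.oci-containers; ["${backend}-ghost.service" "${backend}-ghost-db.service"];`. Adding `serviceConfig.RemainAfterExit = true;` would also keep the oneshot counted as active after it finishes. Separately, the unchanged context line `MYSQL_ROOT_PASSWORD = "example";` puts the database root password in the world-readable Nix store and in the repository. Since this commit already touches the container definition, moving that value to `environmentFiles` pointing at a secret kept outside the store is worth doing here.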