diff --git a/ansible/roles/headscale/files/acls.json b/ansible/roles/headscale/files/acls.json
index 5a0a171..96c47e8 100644
--- a/ansible/roles/headscale/files/acls.json
+++ b/ansible/roles/headscale/files/acls.json
@@ -1,6 +1,7 @@
 {
     "tagOwners": {
-        "tag:client": []
+        "tag:client": [],
+        "tag:private-svcs": []
 
     },
     "acls": [
@@ -8,6 +9,11 @@
             "action": "accept",
             "src": ["tag:client"],
             "dst": ["*:*"]
+        },
+        {
+            "action": "accept",
+            "src": ["tag:private-svcs"],
+            "dst": ["{{ vps_hosts.private_ipv6_marker }}:80,443"]
         }
     ]
 }