diff --git a/docker/Caddyfile b/docker/Caddyfile index 390fe139..cefdc6ac 100644 --- a/docker/Caddyfile +++ b/docker/Caddyfile @@ -38,7 +38,7 @@ https://turn.NETMAKER_BASE_DOMAIN { reverse_proxy host.docker.internal:3479 } -#TURN API +# TURN API https://turnapi.NETMAKER_BASE_DOMAIN { tls /root/fullchain.pem /root/privkey.pem reverse_proxy http://host.docker.internal:8089 diff --git a/docker/Caddyfile-EE b/docker/Caddyfile-EE index 61f39bf8..c4773ef7 100644 --- a/docker/Caddyfile-EE +++ b/docker/Caddyfile-EE @@ -55,7 +55,7 @@ https://turn.NETMAKER_BASE_DOMAIN { reverse_proxy host.docker.internal:3479 } -#TURN API +# TURN API https://turnapi.NETMAKER_BASE_DOMAIN { reverse_proxy http://host.docker.internal:8089 } diff --git a/scripts/nm-certs.sh b/scripts/nm-certs.sh index 11ff2784..6b07c3c4 100755 --- a/scripts/nm-certs.sh +++ b/scripts/nm-certs.sh @@ -1,17 +1,28 @@ #!/bin/bash CONFIG_FILE=netmaker.env -source $CONFIG_FILE +# TODO make sure this doesnt break, parse `certbot certificates` if yes CERT_DIR=/etc/letsencrypt/live/stun.$DOMAIN/ +SCRIPT_DIR=$(dirname "$(realpath "$0")") + +# get and check the config +if [ ! -f "$SCRIPT_DIR/$CONFIG_FILE" ]; then + echo "Config file missing" + exit 1 +fi +source "$SCRIPT_DIR/$CONFIG_FILE" +if [[ -n "$DOMAIN" || -n "$EMAIL" ]]; then + echo "Config not valid" + exit 1 +fi echo "Setting up SSL certificates..." -# TODO check $DOMAIN, $EMAIL -# TODO support EE domains - +# get the zerossl wrapper for certbot wget -qO /root/zerossl-bot.sh "https://github.com/zerossl/zerossl-bot/raw/master/zerossl-bot.sh" chmod +x /root/zerossl-bot.sh +# preserve the env state RESTART_CADDY=false if [ -n "$(docker ps | grep caddy)" ]; then echo "Caddy is running, stopping for now..." @@ -25,7 +36,10 @@ fi -d "stun.$DOMAIN" \ -d "broker.$DOMAIN" \ -d "dashboard.$DOMAIN" \ - -d "api.$DOMAIN" + -d "turnapi.$DOMAIN" \ + -d "netmaker-exporter.$DOMAIN" \ + -d "grafana.$DOMAIN" \ + -d "prometheus.$DOMAIN" # TODO fallback to letsencrypt 
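Review bot: The added validation in scripts/nm-certs.sh, `if [[ -n "$DOMAIN" || -n "$EMAIL" ]]`, is inverted: `-n` is true for a non-empty value, so the script prints "Config not valid" and exits whenever either variable is set, and carries on when both are empty. It should read `if [[ -z "$DOMAIN" || -z "$EMAIL" ]]; then`. Separately, `CERT_DIR=/etc/letsencrypt/live/stun.$DOMAIN/` is now assigned before `source "$SCRIPT_DIR/$CONFIG_FILE"`, so unless DOMAIN is already in the environment it expands to `.../live/stun./` and the later `cp "$CERT_DIR"/privkey.pem /root` reads from the wrong directory; move the assignment below the validation. The unchanged `wget` line still fetches `zerossl-bot.sh` from the `master` branch and marks it executable with no pinned commit or checksum, which is worth tightening while this block is being touched.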
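Review bot: In the second nm-certs.sh hunk, `-d "api.$DOMAIN"` is removed and not re-added, so unless it is also listed above the hunk (the command starts outside it) the new certificate no longer covers the API hostname. If that is unintended, keep it as `-d "api.$DOMAIN" \` ahead of the four added names. The added `netmaker-exporter`, `grafana` and `prometheus` names look like the EE hosts from the deleted `# TODO support EE domains`, and they are now requested unconditionally. On an install without those DNS records, validation of any one name would presumably fail the whole issuance, so consider adding them only for EE. Every name in the certificate is also published to Certificate Transparency logs, so these monitoring endpoints need their own authentication rather than relying on being unlisted.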
@@ -41,6 +55,7 @@ cp "$CERT_DIR"/privkey.pem /root echo "SSL certificates ready" +# preserve the env state if [ "$RESTART_CADDY" = true ]; then echo "Starting Caddy..." docker-compose -f /root/docker-compose.yml start caddy