diff --git a/services/nginx.nix b/services/nginx.nix
index 2d1eea6..fb8f7e6 100644
--- a/services/nginx.nix
+++ b/services/nginx.nix
@@ -64,7 +64,9 @@ in
         domain = "*.nordhammer.it";
         extraDomainNames = [ "nordhammer.it" ];
         dnsProvider = "cloudflare";
-        dnsPropagationCheck = false;
+        # Wait 30s after creating the TXT record before asking LE to validate
+        extraLegoRunFlags = [ "--dns.propagation-wait" "30s" ];
+        extraLegoRenewFlags = [ "--dns.propagation-wait" "30s" ];
         credentialFiles = {
           "CF_DNS_API_TOKEN_FILE" = "/var/secrets/cloudflare-token";
         };