diff --git a/global/overlay/etc/puppet/modules/dns/manifests/apache2.pp b/global/overlay/etc/puppet/modules/dns/manifests/apache2.pp
index c320dc8..b4a7956 100644
--- a/global/overlay/etc/puppet/modules/dns/manifests/apache2.pp
+++ b/global/overlay/etc/puppet/modules/dns/manifests/apache2.pp
@@ -7,15 +7,22 @@ class dns::apache2 {
     ensure  => running,
     enable  => true,
   }
-  exec { 'a2enmod ssl && a2enmod headers && a2enmod proxy && a2enmod proxy_http && a2enmod request && a2enmod rewrite':
-    #subscribe   => File['/etc/apache2/sites-available/default-ssl.conf'],
+  # Configuration of the web service follows.
+  file { '/etc/apache2/sites-available/dns-rest-api.conf':
+    ensure  => file,
+    mode    => '0644',
+    content => template('dns/apache2/dns-rest-api.conf.erb'),
+    notify  => Service['apache2'],
+  }
+  exec { 'a2enmod ssl && a2enmod headers && a2enmod proxy && a2enmod proxy_http && a2enmod request && a2enmod rewrite && a2enmod allowmethods':
+    subscribe   => File['/etc/apache2/sites-available/dns-rest-api.conf'],
     refreshonly => true,
     notify      => Service['apache2'],
   }
-#  exec { 'a2dissite default-ssl.conf':
-#    notify      => Service['apache2'],
-#  }
-#  exec { 'a2dissite default-000.conf':
-#    notify      => Service['apache2'],
-#  }
+  exec { 'a2dissite default-000.conf':
+    notify      => Service['apache2'],
+  }
+  exec { 'a2ensite dns-rest-api.conf':
+    notify      => Service['apache2'],
+  }
 }
diff --git a/global/overlay/etc/puppet/modules/dns/templates/apache2/dns-rest-api.conf.erb b/global/overlay/etc/puppet/modules/dns/templates/apache2/dns-rest-api.conf.erb
new file mode 100644
index 0000000..a1567e6
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/dns/templates/apache2/dns-rest-api.conf.erb
@@ -0,0 +1,26 @@
+<VirtualHost *:80>
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+	RewriteEngine on
+	RewriteCond %{SERVER_NAME} =dns-rest-api.sunet.se
+	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+</VirtualHost>
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	<Location "/">
+           AllowMethods GET POST PATCH PUT DELETE
+	</Location>
+
+	ProxyTimeout 59
+        RequestHeader unset X-Remote-User early
+        ProxyPass "/" "http://localhost:5000/" connectiontimeout=59 timeout=59 Keepalive=On
+	ProxyPreserveHost On
+
+ServerName dns-rest-api.sunet.se
+SSLCertificateFile /etc/letsencrypt/live/dns-rest-api.sunet.se/fullchain.pem
+SSLCertificateKeyFile /etc/letsencrypt/live/dns-rest-api.sunet.se/privkey.pem
+</VirtualHost>
+</IfModule>