diff --git a/roles/server/caddy.nix b/roles/server/caddy.nix
index 484a716..71029b9 100644
--- a/roles/server/caddy.nix
+++ b/roles/server/caddy.nix
@@ -50,9 +50,9 @@ in {
     "${downloadsHostname},everest"
   ];
   systemd = {
-    units.tailscaled.requiredBy = ["caddy.service"];
+    services.caddy.after = ["tailscaled.service"];
     # We have somewhat frequent power outages, and our ISP router takes
-    # ages to boot up. If I don't add a delay, traefik tries to bind to
+    # ages to boot up. If I don't add a delay, caddy tries to bind to
     # the tailscale interface before it's ready, making it crash too much
     # in too little time
     services.caddy.serviceConfig.RestartSec = lib.mkForce "120s";
diff --git a/roles/server/tailscale.nix b/roles/server/tailscale.nix
index d0c6aed..7135368 100644
--- a/roles/server/tailscale.nix
+++ b/roles/server/tailscale.nix
@@ -1,6 +1,21 @@
-{...}: {
+{pkgs, ...}: let
+  script = pkgs.writeShellApplication {
+    name = "tailscale-wait-for-ip";
+    runtimeInputs = [pkgs.iproute2];
+    text = ''
+      # Based on https://github.com/tailscale/tailscale/issues/11504#issuecomment-2113331262
+      echo Waiting for tailscale0 to get an IP adress..
+      for i in {1..15}; do
+        if ip addr show dev tailscale0 | grep -q 'inet '; then break; fi
+        echo "$i"
+        sleep 1
+      done
+    '';
+  };
+in {
   services.tailscale = {
     # This is needed for being an exit node
     useRoutingFeatures = "server";
   };
+  systemd.services.tailscaled.postStart = "${script}/bin/tailscale-wait-for-ip";
 }