diff --git a/services/monitoring/blackbox.nix b/services/monitoring/blackbox.nix
index 47bd430..97b204e 100644
--- a/services/monitoring/blackbox.nix
+++ b/services/monitoring/blackbox.nix
@@ -42,68 +42,35 @@ in
 '';
 };
- # Add blackbox scrape config and alert rules to Prometheus
- services.prometheus = {
- scrapeConfigs = [
- {
- job_name = "blackbox_tls";
- metrics_path = "/probe";
- params = {
- module = [ "https_cert" ];
- };
- static_configs = [{
- targets = tlsTargets;
- }];
- relabel_configs = [
- # Pass the target URL to blackbox as a parameter
- {
- source_labels = [ "__address__" ];
- target_label = "__param_target";
- }
- # Use the target URL as the instance label
- {
- source_labels = [ "__param_target" ];
- target_label = "instance";
- }
- # Point the actual scrape at the local blackbox exporter
- {
- target_label = "__address__";
- replacement = "127.0.0.1:9115";
- }
- ];
- }
- ];
-
- rules = [
- ''
- groups:
- - name: certificate_rules
- rules:
- - alert: tls_certificate_expiring_soon
- expr: (probe_ssl_earliest_cert_expiry - time()) < 86400 * 7
- for: 1h
- labels:
- severity: warning
- annotations:
- summary: "TLS certificate expiring soon on {{ $labels.instance }}"
- description: "The TLS certificate for {{ $labels.instance }} expires in less than 7 days."
- - alert: tls_certificate_expiring_critical
- expr: (probe_ssl_earliest_cert_expiry - time()) < 86400
- for: 0m
- labels:
- severity: critical
- annotations:
- summary: "TLS certificate expiring within 24h on {{ $labels.instance }}"
- description: "The TLS certificate for {{ $labels.instance }} expires in less than 24 hours. Immediate action required."
- - alert: tls_probe_failed
- expr: probe_success{job="blackbox_tls"} == 0
- for: 5m
- labels:
- severity: warning
- annotations:
- summary: "TLS probe failed for {{ $labels.instance }}"
- description: "Cannot connect to {{ $labels.instance }} to check TLS certificate. The service may be down or unreachable."
- ''
- ];
- };
+ # Add blackbox scrape config to Prometheus
+ # Alert rules are in rules.yml (certificate_rules group)
+ services.prometheus.scrapeConfigs = [
+ {
+ job_name = "blackbox_tls";
+ metrics_path = "/probe";
+ params = {
+ module = [ "https_cert" ];
+ };
+ static_configs = [{
+ targets = tlsTargets;
+ }];
+ relabel_configs = [
+ # Pass the target URL to blackbox as a parameter
+ {
+ source_labels = [ "__address__" ];
+ target_label = "__param_target";
+ }
+ # Use the target URL as the instance label
+ {
+ source_labels = [ "__param_target" ];
+ target_label = "instance";
+ }
+ # Point the actual scrape at the local blackbox exporter
+ {
+ target_label = "__address__";
+ replacement = "127.0.0.1:9115";
+ }
+ ];
+ }
+ ];
 }
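Review bot: The added comment `# Alert rules are in rules.yml (certificate_rules group)` is the only link between this scrape job and its alerts, and rules.yml is not part of this diff, so nothing visible here confirms that the three removed alerts (`tls_certificate_expiring_soon`, `tls_certificate_expiring_critical`, `tls_probe_failed`) are still loaded by Prometheus. The removed `tls_probe_failed` rule selected on `probe_success{job="blackbox_tls"}`; if the relocated rule keeps that selector, a later rename of `job_name` in this file would stop it matching without any error, leaving certificate monitoring silently blind. I would extend the comment to record that coupling, for example `# rules.yml (certificate_rules) matches job="blackbox_tls"; keep job_name in sync and make sure the file is listed in services.prometheus.ruleFiles`. The enclosing module body starts above the hunk, so where the rule file is wired in cannot be checked from here.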