diff --git a/salt/firewall/assigned_hostgroups.map.yaml b/salt/firewall/assigned_hostgroups.map.yaml
index 4964f5071..52f850909 100644
--- a/salt/firewall/assigned_hostgroups.map.yaml
+++ b/salt/firewall/assigned_hostgroups.map.yaml
@@ -660,6 +660,10 @@ role:
 anywhere:
 portgroups:
 - {{ portgroups.ssh }}
+ {% set idh_services = salt['pillar.get']('idh:services', []) %}
+ {% for service in idh_services %}
+ - {{ portgroups.service }}
+ {% endfor %}
 dockernet:
 portgroups:
 - {{ portgroups.all }}
diff --git a/salt/firewall/portgroups.yaml b/salt/firewall/portgroups.yaml
index d81d00d6a..5fe08db08 100644
--- a/salt/firewall/portgroups.yaml
+++ b/salt/firewall/portgroups.yaml
@@ -48,6 +48,15 @@ firewall:
 fleet_webui:
 tcp:
 - 443
+ ftp:
+ tcp:
+ - 21
+ git:
+ tcp:
+ - 9418
+ http:
+ tcp:
+ - 80
 influxdb:
 tcp:
 - 8086
diff --git a/salt/idh/defaults.yml b/salt/idh/defaults/defaults.yaml
similarity index 100%
rename from salt/idh/defaults.yml
rename to salt/idh/defaults/defaults.yaml
diff --git a/salt/idh/defaults/http.defaults.yaml b/salt/idh/defaults/http.defaults.yaml
index 31680d5d0..a685062c5 100644
--- a/salt/idh/defaults/http.defaults.yaml
+++ b/salt/idh/defaults/http.defaults.yaml
@@ -2,7 +2,7 @@ idh:
 opencanary:
 config:
 http.banner: Apache/2.2.22 (Ubuntu)
- http.enabled: false
+ http.enabled: true
 http.port: 80
 http.skin: nasLogin
 http.skin.list:
diff --git a/salt/idh/opencanary_config.map.jinja b/salt/idh/opencanary_config.map.jinja
index cf65cc7d3..dbd2fbad5 100644
--- a/salt/idh/opencanary_config.map.jinja
+++ b/salt/idh/opencanary_config.map.jinja
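Review bot: `- {{ portgroups.service }}` in the added loop resolves the key literally named `service`, not the loop variable, so each iteration renders the same, probably undefined, value instead of the ftp/git/http groups added in portgroups.yaml; it should be `- {{ portgroups[service] }}`. Because these entries sit under `anywhere`, every name in the `idh:services` pillar becomes a port open to all sources, so a name with no matching portgroup should fail the render or be skipped rather than emit an empty list item. The enclosing role block starts outside the hunk, so whether this rule is limited to the IDH role cannot be confirmed from here.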
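Review bot: The new `ftp`, `git` and `http` groups hard-code 21, 9418 and 80, while the listener port is configurable (`http.port: 80` in http.defaults.yaml, and the `idh:opencanary:config` pillar is merged over the defaults), so an overridden port would leave the firewall opening a port nothing listens on while the real listener stays blocked. The group names are also generic, and nothing here says they are opened to `anywhere` for the honeypot. A comment above them would help, for example `# IDH honeypot listeners; keep ports in sync with idh/defaults/<service>.defaults.yaml`.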
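Review bot: With `http.enabled: true` as the file default, listing `http` in `idh:services` becomes the single switch that both starts the listener and opens tcp/80 to `anywhere`, and nothing in the file says so. A comment above the key would stop it being read as on-by-default, for example `# only merged when 'http' is listed in pillar idh:services`. The ftp and git defaults files are not part of this diff; if they still ship `enabled: false`, the firewall would open 21 and 9418 with no honeypot behind them, so they presumably need the same change.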
@@ -1,2 +1,9 @@
-{% import_yaml 'idh/defaults.yml' as OPENCANARYCONFIG with context %}
+{% set idh_services = salt['pillar.get']('idh:services', []) %}
+
+{% import_yaml "idh/defaults/defaults.yaml" as OPENCANARYCONFIG with context %}
+{% for service in idh_services %}
+ {% import_yaml "idh/defaults/" ~ service ~ ".defaults.yaml" as SERVICECONFIG with context %}
+ {% do salt['defaults.merge'](OPENCANARYCONFIG, SERVICECONFIG, in_place=True) %}
+{% endfor %}
+
 {% set OPENCANARYCONFIG = salt['pillar.get']('idh:opencanary:config', default=OPENCANARYCONFIG.idh.opencanary.config, merge=True) %}
\ No newline at end of file
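Review bot: The `import_yaml` path is built from the raw pillar value (`"idh/defaults/" ~ service ~ ".defaults.yaml"`), so a typo or unexpected entry in `idh:services` either aborts the render with a missing-template error or pulls in a file outside the intended set of service defaults. Filtering against a fixed list of supported services would bound this loop and the matching firewall loop, e.g. `{% for service in idh_services if service in IDH_SUPPORTED_SERVICES %}`, where `IDH_SUPPORTED_SERVICES` is a placeholder for a list kept next to the defaults files. A one-line comment above the loop naming the expected pillar shape (a list of service names such as `http`) would also help.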