diff --git a/host_vars/gw1.pyrocufflink.blue/squid.yml b/host_vars/gw1.pyrocufflink.blue/squid.yml
index 4231c21..1f6882b 100644
--- a/host_vars/gw1.pyrocufflink.blue/squid.yml
+++ b/host_vars/gw1.pyrocufflink.blue/squid.yml
@@ -7,6 +7,8 @@ squid_acl:
     - 'src fe80::/10      	# RFC 4291 link-local (directly plugged) machines'
   trusted:
   - src 172.30.0.0/26
+  kubernetes:
+  - src 172.30.0.160/28
   SSL_ports:
   - port 443
   Safe_ports:
@@ -32,6 +34,8 @@ squid_acl:
   - dstdomain fonts.gstatic.com
   grafana_rpm:
   - dstdomain rpm.grafana.com
+  stripe_api:
+  - dstdomain api.stripe.com
 
 squid_http_access:
 - 'deny !Safe_ports'
@@ -45,6 +49,7 @@ squid_http_access:
 - allow google_fonts
 - allow trusted kickstart
 - allow trusted dch_repo
+- allow kubernetes stripe_api
 - deny all
 
 squid_cache_dir: