diff --git a/DOCS/configuration.md b/DOCS/configuration.md
index 0ff0f40..bebfad5 100644
--- a/DOCS/configuration.md
+++ b/DOCS/configuration.md
@@ -215,3 +215,23 @@ Domain name that users need to direct their SFTP clients to. May be the same key
 ### `public_sftp_port`
 
 Network port that users need to direct their SFTP clients to. The common default port is `22`.
+
+## `[check]`
+
+This configuration section is used only when running `check.php`.
+
+### `https_port`
+
+Port where the public nginx reverse proxy can be reached. Usually `443` for production.
+
+### `sftp_path`
+
+Filesystem path to the sftp binary.
+
+### `sshpass_path`
+
+Filesystem path to the sshpass binary.
+
+### `tor_proxy`
+
+Curl's [CURLOPT_PROXY](https://curl.se/libcurl/c/CURLOPT_PROXY.html) argument, used to test onion services.
diff --git a/config.template.ini b/config.template.ini
index 1c9cee6..a6fe2f1 100644
--- a/config.template.ini
+++ b/config.template.ini
@@ -66,3 +66,9 @@ sftp_fp = "/etc/sftpgo/ed25519.fp"
 sftp_asciiart = "/etc/sftpgo/ed25519.asciiart"
 sftp_domain = "sftp.servnest.test"
 public_sftp_port = 2022
+
+[check]
+https_port = 42443
+sftp_path = "/usr/bin/sftp"
+sshpass_path = "/usr/bin/sshpass"
+tor_proxy = "socks5h://127.0.0.1:9050"
diff --git a/jobs/check.php b/jobs/check.php
index 7e5e5c5..0e5f47c 100644
--- a/jobs/check.php
+++ b/jobs/check.php
@@ -3,15 +3,14 @@ require __DIR__ . '/../init.php'; -const SFTP = '/usr/bin/sftp'; -const SSHPASS = '/usr/bin/sshpass'; - const HTTPS_PORT = '42443'; -const CORE_DOMAIN = 'servnest.test'; -const CORE_URL = 'https://' . CORE_DOMAIN . ':' . HTTPS_PORT; -const SUFFIX = 'test.servnest.test.'; +const CORE_URL = 'https://' . CONF['common']['public_domains'][0] . ':' . CONF['check']['https_port']; -const TOR_PROXY = 'socks5h://127.0.0.1:9050'; +foreach (CONF['reg']['suffixes'] as $suffix => $openness) + if ($openness === 'all') + define('SUFFIX', $suffix); +if (!defined('SUFFIX')) + exit('Unable to start tests: no suffix open to registration'); if (kdig(name: 'nlnet.nl', type: 'AAAA')['AD'] !== 1) exit('DNS queries don\'t seem to be DNSSEC-validated.' . LF); @@ -38,7 +37,7 @@ function curlTest(string $address, array $post = [], bool $tor = false): string curl_setopt($req, CURLOPT_URL, $address); if ($tor) - curl_setopt($req, CURLOPT_PROXY, TOR_PROXY); + curl_setopt($req, CURLOPT_PROXY, CONF['check']['tor_proxy']); else curl_setopt($req, CURLOPT_SSL_VERIFYPEER, false); @@ -71,7 +70,7 @@ curlTest('/auth/register', [ 'username' => $username . '2', 'password' => $password, ]); -curlTest('/auth/logout', []); +curlTest('/auth/logout'); curlTest('/auth/login', [ 'username' => $username, @@ -118,14 +117,14 @@ function testReg(): string { ]); { // Domain transfer - curlTest('/auth/logout', []); + curlTest('/auth/logout'); curlTest('/auth/login', [ 'username' => $username . '2', 'password' => $password, ]); - preg_match('#\(?[0-9a-z-]{16,128}\._transfer-verification\.' . preg_quote(CORE_DOMAIN, '#') . '\.)\#', curlTest('/reg/transfer', []), $matches); + preg_match('#\(?[0-9a-z-]{16,128}\._transfer-verification\.' . preg_quote(CONF['common']['public_domains'][0], '#') . '\.)\#', curlTest('/reg/transfer'), $matches); - curlTest('/auth/logout', []); + curlTest('/auth/logout'); curlTest('/auth/login', [ 'username' => $username, 'password' => $password, 
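Review bot: The `foreach` that defines `SUFFIX` keeps iterating after the first match, so when two suffixes in `CONF['reg']['suffixes']` are set to `all` the second `define('SUFFIX', …)` hits an already-defined constant and PHP raises a warning; wrapping the body in braces and adding `break;` after the `define` avoids that. The new `exit('Unable to start tests: no suffix open to registration')` also omits the `. LF` that the DNSSEC `exit` right below it appends. `CORE_URL` reads `CONF['common']['public_domains'][0]` and `CONF['check']['https_port']` without confirming either key is present, so a configuration file that predates the `[check]` section would probably fail with an undefined-key warning rather than a clear message.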
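Review bot: The result of `preg_match` on the `/reg/transfer` response in `testReg()` is not checked, while `$matches['token']` is submitted as the `ns` value in the following hunk. Now that the pattern is built from `CONF['common']['public_domains'][0]`, a configuration whose first public domain is not the one the page prints would leave `$matches` empty and the run would carry on with an undefined token; the `_domain-verification` match in `testNs()` has the same gap. A guard such as `if (preg_match(…, $matches) !== 1) exit('Can\'t find the transfer verification token.' . LF);` would stop at the real cause. `testReg()` begins and ends outside this hunk.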
@@ -136,7 +135,7 @@ function testReg(): string { 'ns' => $matches['token'], ]); - curlTest('/auth/logout', []); + curlTest('/auth/logout'); curlTest('/auth/login', [ 'username' => $username . '2', 'password' => $password, @@ -161,7 +160,7 @@ function testNs(string $domain): void { 'ns' => $ns, ]); - preg_match('#\(?[0-9a-z-]{16,128}\._domain-verification\.' . preg_quote(CORE_DOMAIN, '#') . '\.)\#', curlTest('/ns/zone-add', []), $matches); + preg_match('#\(?[0-9a-z-]{16,128}\._domain-verification\.' . preg_quote(CONF['common']['public_domains'][0], '#') . '\.)\#', curlTest('/ns/zone-add'), $matches); curlTest('/reg/ns', [ 'action' => 'add', 'domain' => $domain, @@ -214,7 +213,7 @@ put ' . sys_get_temp_dir() . '/index.html /_site0-/index.html exit '); - $process = proc_open(SSHPASS . ' ' . SFTP . ' -o BatchMode=no -b ' . sys_get_temp_dir() . '/exec.txt -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -P ' . CONF['ht']['public_sftp_port'] . ' ' . $username . '@' . CONF['ht']['sftp_domain'], [0 => ['pipe', 'r']], $pipes); + $process = proc_open(CONF['check']['sshpass_path'] . ' ' . CONF['check']['sftp_path'] . ' -o BatchMode=no -b ' . sys_get_temp_dir() . '/exec.txt -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -P ' . CONF['ht']['public_sftp_port'] . ' ' . $username . '@' . CONF['ht']['sftp_domain'], [0 => ['pipe', 'r']], $pipes); if (is_resource($process) !== true) exit('Can\'t spawn sftp with sshpass.' . LF); fwrite($pipes[0], $password);
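Review bot: The `proc_open` command is still assembled as a single shell string, and with this change two more of its parts (`sshpass_path`, `sftp_path`) come from the configuration file, next to `public_sftp_port`, `sftp_domain` and `$username`. A value containing a space or a shell metacharacter would be split or interpreted by the shell; passing the command as an array (supported by `proc_open` since PHP 7.4) starts the binary directly with no shell in between. Separately, `StrictHostKeyChecking=no` together with `UserKnownHostsFile=/dev/null` means the check never verifies the SFTP host key, so it cannot notice a wrong key being served; comparing against the `sftp_fp` fingerprint file that config.template.ini already lists would close that gap. The enclosing function starts outside the hunk.

```php
// … unchanged: writing exec.txt and index.html to sys_get_temp_dir() …
$process = proc_open([
    CONF['check']['sshpass_path'],
    CONF['check']['sftp_path'],
    '-o', 'BatchMode=no',
    '-b', sys_get_temp_dir() . '/exec.txt',
    '-o', 'StrictHostKeyChecking=no',
    '-o', 'UserKnownHostsFile=/dev/null',
    '-P', (string) CONF['ht']['public_sftp_port'],
    $username . '@' . CONF['ht']['sftp_domain'],
], [0 => ['pipe', 'r']], $pipes);
// … unchanged: is_resource() check and fwrite of the password …
```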