diff --git a/system/machines/server/system.nix b/system/machines/server/system.nix
index b843f7e..1d4065c 100644
--- a/system/machines/server/system.nix
+++ b/system/machines/server/system.nix
@@ -21,7 +21,12 @@
     webdav.enable = false;
     wireguard = {
       enable = true;
-      peers = [ ];
+      peers = [
+        {
+          publicKey = "HRFsVXn3jeqKQLQIl0cB6KC/qia7M1gQf2lqG5HDxF8=";
+          allowedIPs = [ "10.8.0.2/32" ];
+        }
+      ];
     };
     # bitcoin = {
     #   enable = true;
@@ -189,6 +194,11 @@
     };
   };
 
+  systemd.services.dnsmasq = {
+    after = [ "wireguard-wg0.service" ];
+    wants = [ "wireguard-wg0.service" ];
+  };
+
   services.fail2ban = {
     enable = true;
     maxretry = 5;