diff --git a/hosts/Infini-DL360/default.nix b/hosts/Infini-DL360/default.nix
index e58a917..f208b7b 100644
--- a/hosts/Infini-DL360/default.nix
+++ b/hosts/Infini-DL360/default.nix
@@ -11,6 +11,7 @@
 ./secrets
 private.nixosModules.minecraft-servers
+ private.nixosModules.wireguard
 ./authentik.nix
 ./conduwuit.nix
 ./drasl.nix
@@ -35,6 +36,7 @@
 ./torrenting.nix
 ./vaultwarden.nix
 ./web.nix
+ ./wireguard.nix
 ];
 system.stateVersion = "23.11";
diff --git a/hosts/Infini-DL360/wireguard.nix b/hosts/Infini-DL360/wireguard.nix
new file mode 100644
index 0000000..d8a952c
--- /dev/null
+++ b/hosts/Infini-DL360/wireguard.nix
@@ -0,0 +1,27 @@
+{ pkgs, ... }:
+let
+ subnet = "192.168.200.0/24";
+in
+
+{
+ networking.wireguard.enable = true;
+
+ networking.nat.internalInterfaces = [ "wg0" ];
+ networking.firewall.allowedUDPPorts = [ 51820 ];
+
+ networking.wireguard.interfaces = {
+ wg0 = {
+ ips = [ "192.168.200.1/24" ];
+ listenPort = 51820;
+
+ privateKeyFile = "/etc/secrets/wireguard/private";
+
+ postSetup = ''
+ ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s ${subnet} -o br0 -j MASQUERADE
+ '';
+ postShutdown = ''
+ ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s ${subnet} -o br0 -j MASQUERADE
+ '';
+ };
+ };
+}
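Review bot: In the new `hosts/Infini-DL360/wireguard.nix`, the `postSetup` rule masquerades all of `${subnet}` out of `br0`, but nothing in the hunk restricts what forwarded `wg0` traffic may reach, so every peer that completes a handshake appears on the bridge network with the host's own address. If only part of that network is meant to be reachable, add explicit forward rules for `wg0` to `br0` next to the MASQUERADE rule, allowing the intended destinations and dropping the rest. `networking.nat.internalInterfaces = [ "wg0" ];` only has an effect when `networking.nat.enable` and an external interface are set, which this diff does not show; if they are set elsewhere the hand-written iptables rule is probably redundant, and if not the option does nothing, so keep one mechanism. No `peers` are declared here and the key file's permissions are not managed in this file, so a comment such as `# peers presumably come from private.nixosModules.wireguard (confirm); /etc/secrets/wireguard/private must be root-owned, mode 0600` above `privateKeyFile` would document both assumptions.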