diff --git a/hosts/Infini-FRAMEWORK/default.nix b/hosts/Infini-FRAMEWORK/default.nix
index cd02c39..6f11647 100644
--- a/hosts/Infini-FRAMEWORK/default.nix
+++ b/hosts/Infini-FRAMEWORK/default.nix
@@ -4,8 +4,6 @@
 
     (with profiles; [
       networking.wireless
-
-      services.privoxy
     ])
 
     ./hardware-configuration.nix
@@ -43,6 +41,9 @@
       gpu.intel = true;
       form.laptop = true;
     };
+    services = {
+      proxy.enable = true;
+    };
   };
 
   networking.interfaces.wlp170s0.useDHCP = true;
diff --git a/hosts/Infini-STICK/default.nix b/hosts/Infini-STICK/default.nix
index 4e4eec9..5f4abc4 100644
--- a/hosts/Infini-STICK/default.nix
+++ b/hosts/Infini-STICK/default.nix
@@ -6,8 +6,6 @@
       networking.wireless
 
       btrfs
-
-      # services.privoxy
     ])
 
     ./hardware-configuration.nix
@@ -22,6 +20,7 @@
       audio.enable = true;
       form.portable = true;
     };
+    services.proxy.enable = true;
   };
 
   system.stateVersion = "21.11";
diff --git a/hosts/Infini-SWIFT/default.nix b/hosts/Infini-SWIFT/default.nix
index fc2159a..c6a7db8 100644
--- a/hosts/Infini-SWIFT/default.nix
+++ b/hosts/Infini-SWIFT/default.nix
@@ -7,8 +7,6 @@
         networking.wireless
 
         btrfs
-
-        # services.privoxy
       ];
   };
 
@@ -25,6 +23,9 @@
       gpu.amdgpu = true;
       wireless.enable = true;
     };
+    services = {
+      proxy.enable = true;
+    };
   };
 
   networking.interfaces.wlan0.useDHCP = true;
diff --git a/modules/modules/services/proxy.nix b/modules/modules/services/proxy.nix
new file mode 100644
index 0000000..3da549f
--- /dev/null
+++ b/modules/modules/services/proxy.nix
@@ -0,0 +1,40 @@
+{ config, lib, ... }:
+with lib;
+with lib.hlissner;
+let
+  cfg = config.modules.services.proxy;
+in
+{
+  options.modules.services.proxy = {
+    enable = mkBoolOpt false;
+    listen-address = mkOpt types.str "localhost:8118";
+    forwards = {
+      ssh = mkBoolOpt true;
+    };
+  };
+
+  config = mkMerge [
+    (mkIf cfg.enable {
+      services = {
+        privoxy = {
+          enable = true;
+
+          settings = {
+            enable-edit-actions = true;
+            forward-socks5 = mkIf cfg.forwards.ssh "/ 127.0.0.1:49494 .";
+            listen-address = cfg.listen-address;
+          };
+        };
+
+        ssh-tunnel = mkIf cfg.forwards.ssh {
+          enable = true;
+          server = "infinidoge@server.doge-inc.net -p 245 -S none -i /home/infinidoge/.ssh/id_ed25519 -v";
+          requiredBy = [ "privoxy.service" ];
+          forwards.dynamic = [ 49494 ];
+        };
+      };
+
+      networking.proxy.default = cfg.listen-address;
+    })
+  ];
+}
diff --git a/profiles/services/privoxy.nix b/profiles/services/privoxy.nix
deleted file mode 100644
index 9b31c84..0000000
--- a/profiles/services/privoxy.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ pkgs, config, ... }: {
-  services = {
-    privoxy = {
-      enable = true;
-
-      settings = {
-        enable-edit-actions = true;
-        forward-socks5 = "/ 127.0.0.1:1337 .";
-        listen-address = "localhost:8118";
-      };
-    };
-
-    ssh-tunnel = {
-      enable = true;
-      server = "infinidoge@server.doge-inc.net -p 245 -S none -i /home/infinidoge/.ssh/id_ed25519 -v";
-      requiredBy = [ "privoxy.service" ];
-      forwards.dynamic = [ 1337 ];
-    };
-  };
-
-  networking.proxy.default = config.services.privoxy.settings.listen-address;
-}