diff --git a/nixos/components/network/default.nix b/nixos/components/network/default.nix
index 5e73817..fd452b9 100644
--- a/nixos/components/network/default.nix
+++ b/nixos/components/network/default.nix
@@ -10,13 +10,14 @@ with types;
   };
 
   imports = [
-    ./sshd
-    ./tinc
-    ./hosts.nix
-    ./wifi.nix
     #./avahi.nix
-    ./syncthing.nix
+    ./hosts.nix
     ./nginx.nix
+    ./sshd
+    ./syncthing.nix
+    ./tinc
+    ./wifi.nix
+    ./wireguard.nix
   ];
 
   config = mkIf config.components.network.enable { };
diff --git a/nixos/components/network/wireguard.nix b/nixos/components/network/wireguard.nix
new file mode 100644
index 0000000..b43e81e
--- /dev/null
+++ b/nixos/components/network/wireguard.nix
@@ -0,0 +1,16 @@
+{ lib, config, ... }:
+with lib;
+{
+
+  options.wireguard = {
+    wg0 = {
+      #ipv4 = mkOption { type = types.str; };
+      subnet = mkOption {
+        type = types.str;
+        default = "10.100.0.1/24";
+      };
+    };
+  };
+
+}
+
diff --git a/nixos/machines/chungus/rbackup.nix b/nixos/machines/chungus/rbackup.nix
index da2aaca..cb7c542 100644
--- a/nixos/machines/chungus/rbackup.nix
+++ b/nixos/machines/chungus/rbackup.nix
@@ -29,18 +29,18 @@
       dst = "/mirror/matrix-terranix";
     };
 
-    radarr = {
-      sshKeyPath = config.sops.secrets.rsync_private_key.path;
-      src = "root@robi:/media/arr/radarr";
-      dst = "/media/arr/radarr";
-      delete = false;
-    };
-    sonarr = {
-      sshKeyPath = config.sops.secrets.rsync_private_key.path;
-      src = "root@robi:/media/arr/sonarr";
-      dst = "/media/arr/sonarr";
-      delete = false;
-    };
+    #radarr = {
+    #  sshKeyPath = config.sops.secrets.rsync_private_key.path;
+    #  src = "root@robi:/media/arr/radarr";
+    #  dst = "/media/arr/radarr";
+    #  delete = false;
+    #};
+    #sonarr = {
+    #  sshKeyPath = config.sops.secrets.rsync_private_key.path;
+    #  src = "root@robi:/media/arr/sonarr";
+    #  dst = "/media/arr/sonarr";
+    #  delete = false;
+    #};
 
 
   };
diff --git a/nixos/machines/orbi/media-arr.nix b/nixos/machines/orbi/media-arr.nix
index 4fd1632..1925a57 100644
--- a/nixos/machines/orbi/media-arr.nix
+++ b/nixos/machines/orbi/media-arr.nix
@@ -36,8 +36,10 @@
 
   services.nginx.virtualHosts = {
     "radarr.${config.networking.hostName}.private" = {
+      serverAliases = [ "radarr.ingolf-wagner.de" ];
       extraConfig = ''
         allow ${config.tinc.private.subnet};
+        allow ${config.wireguard.wg0.subnet};
         deny all;
       '';
       locations."/" = {
@@ -46,8 +48,10 @@
       };
     };
     "sonarr.${config.networking.hostName}.private" = {
+      serverAliases = [ "sonarr.ingolf-wagner.de" ];
       extraConfig = ''
         allow ${config.tinc.private.subnet};
+        allow ${config.wireguard.wg0.subnet};
         deny all;
       '';
       locations."/" = {