diff --git a/machines/orbi/service-photoprism.nix b/machines/orbi/service-photoprism.nix
index 00723fa..f8df7fa 100644
--- a/machines/orbi/service-photoprism.nix
+++ b/machines/orbi/service-photoprism.nix
@@ -4,6 +4,7 @@
   lib,
   components,
   inputs,
+  zerotierInterface,
   ...
 }:
 let
@@ -14,17 +15,19 @@ in
 {
 
   networking.firewall.interfaces.wg0.allowedTCPPorts = [ photoprismPort ];
-  # networking.firewall.interfaces.wg0.allowedUDPPorts = [ photoprismPort ];
 
   healthchecks.closed.public.ports.photoprism = [
     photoprismPort
     mysqlPort
   ];
+
   healthchecks.http.photoprism = {
     url = "http://10.100.0.1:2342/library/login";
     expectedContent = "AI-Powered Photos App";
   };
 
+  networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [ photoprismPort ];
+
   containers.photoprism = {
     privateNetwork = false;
     autoStart = true;