diff --git a/hosts/bomberman/system/default.nix b/hosts/bomberman/system/default.nix
index e22e0b6..f7d4d7a 100644
--- a/hosts/bomberman/system/default.nix
+++ b/hosts/bomberman/system/default.nix
@@ -10,7 +10,7 @@
 ../../../modules/system/devices/boot/systemd
 ../../../modules/system/devices/networking
 ../../../modules/system/devices/networking/firewall/pc
- #../../../modules/system/devices/networking/wireguard/pc
+ ../../../modules/system/devices/networking/wireguard/pc
 ../../../modules/system/programs/git
 ../../../modules/system/programs/security
 ../../../modules/system/services/common
@@ -21,4 +21,5 @@
 ];
 
 networking.hostName = "bomberman";
+ systemd.network.networks.wg0.address = [ "10.100.0.19/24" ];
 }
diff --git a/modules/system/devices/networking/wireguard/pc/default.nix b/modules/system/devices/networking/wireguard/pc/default.nix
index a792486..69984df 100644
--- a/modules/system/devices/networking/wireguard/pc/default.nix
+++ b/modules/system/devices/networking/wireguard/pc/default.nix
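Review bot: The added `systemd.network.networks.wg0.address = [ "10.100.0.19/24" ];` in the second hunk duplicates the `address = [ "10.100.0.19/24" ]` that the new wireguard/pc module sets in the same commit; `address` is a list-typed option, so the module system merges both definitions and wg0 ends up with the same address twice instead of the host overriding the module. The removed comment in the pc module ("Define IP of client in per device config") suggests the host is meant to be the only source of this value, in which case the module should not hardcode one and this host line stands alone. Consider deriving it from `config.ips.wgSpan` as the module's `gateway` line does, so the client address and the server's allowed-IPs ranges stay in one place.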
@@ -1,22 +1,32 @@
-{ config, ... }:
+{ config, pkgs, ... }:
 {
- networking.firewall = {
- allowedUDPPorts = [ 51820 ];
- };
-
- networking.wireguard.interfaces = {
- "${config.ips.wgInt}" = {
- # Define IP of client in per device config
- listenPort = 51820;
- privateKey = config.secrets.wgClientPriv;
- peers = [
- { # 0.0.0.0 makes wg act like a traditional VPN
- publicKey = config.secrets.wgServerPub;
- allowedIPs = [ "0.0.0.0/0" ];
- endpoint = "sv.${config.secrets.jimDomain}:51820";
- persistentKeepalive = 25;
- }
- ];
+ systemd.network = {
+ enable = true;
+ netdevs = {
+ "10-wg0" = {
+ netdevConfig = {
+ Kind = "wireguard";
+ Name = "wg0";
+ MTUBytes = 1300;
+ };
+ wireguardConfig = {
+ PrivateKeyFile = pkgs.writeText "privkey" config.secrets.wgClientPriv;
+ ListenPort = 9918;
+ };
+ wireguardPeers = [
+ {
+ PublicKey = config.secrets.wgServerPub;
+ AllowedIPs = [ "0.0.0.0/0" ];
+ Endpoint = "sv.${config.secrets.jimDomain}:51820";
+ }
+ ];
+ };
+ };
+ networks.wg0 = {
+ matchConfig.Name = "wg0";
+ address = [ "10.100.0.19/24" ];
+ dns = [ "1.1.1.1" ];
+ gateway = [ "${config.ips.wgSpan}.1" ];
 };
 };
 }
diff --git a/modules/system/devices/networking/wireguard/server/default.nix b/modules/system/devices/networking/wireguard/server/default.nix
index e8d8a43..89ac746 100644
--- a/modules/system/devices/networking/wireguard/server/default.nix
+++ b/modules/system/devices/networking/wireguard/server/default.nix
@@ -21,10 +21,6 @@
 publicKey = config.secrets.wgPixel9Pub;
 allowedIPs = [ "${config.ips.wgSpan}.2/32" ];
 }
- { # Oracle VM
- publicKey = config.secrets.wgOraclePub;
- allowedIPs = [ "${config.ips.wgSpan}.3/32" ];
- }
 { # General Nix
 publicKey = config.secrets.wgClientPub;
 allowedIPs = [ "${config.ips.wgSpan}.16/28" ];
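Review bot: `PrivateKeyFile = pkgs.writeText "privkey" config.secrets.wgClientPriv;` writes the WireGuard private key into the Nix store, which is world-readable on the host and travels with the system closure to any binary cache or remote builder, so every local user can read the key. The replaced `privateKey = config.secrets.wgClientPriv;` had the same store exposure, but this rewrite is the moment to point `PrivateKeyFile` at a path outside the store that is provisioned at activation or boot with mode 0640 and group `systemd-network` (networkd reads it unprivileged), e.g. `PrivateKeyFile = "/run/secrets/wg0-privkey";` (placeholder path). Two behaviour changes in this hunk are not called out by the commit: `persistentKeepalive = 25;` is dropped, and with the client no longer opening an inbound firewall port a NAT mapping can expire until the client sends traffic, so `PersistentKeepalive = 25;` in the peer block would keep the old behaviour; and `ListenPort` moves from 51820 to 9918. It is also worth hedging that with `AllowedIPs = [ "0.0.0.0/0" ]` plus a default `gateway` on wg0, networkd does not add the endpoint-exclusion or policy routing that wg-quick does, so whether the `Endpoint` host still routes out of the physical interface depends on route metrics outside this hunk.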