diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index e36b0b0..194328e 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -24,5 +24,27 @@
   networking.useDHCP = false;
   networking.interfaces.enp1s0.useDHCP = true;
 
+  networking.wireguard.enable = true;
+  networking.wireguard.interfaces = {
+    wg-gatekeeper = {
+      ips = [
+        "10.20.30.104/24"
+        "2a01:4f8:c0c:15f1:8104/64"
+      ];
+      peers = [
+        {
+          allowedIPs = [
+            "0.0.0.0/0"
+            "::/0"
+          ];
+          allowedIPsAsRoute = false;
+          endpoint = "gatekeeper.net.clerie.de:51820";
+          publicKey = "2p1Jqs3bkXbXHFWE6vp1yxHIFoUaZQEARS2nJzbkuBA=";
+        }
+      ];
+      privateKeyFile = "/var/src/secrets/wireguard/wg-gatekeeper";
+    };
+  };
+
   system.stateVersion = "21.03";
 }