diff --git a/hosts/aluminium/configuration.nix b/hosts/aluminium/configuration.nix
index de97df3..713fd3d 100644
--- a/hosts/aluminium/configuration.nix
+++ b/hosts/aluminium/configuration.nix
@@ -21,39 +21,11 @@
 
   networking.hostName = "aluminium";
 
-  networking.iproute2.enable = true;
-  networking.iproute2.rttablesExtraConfig = ''
-    200 wg-clerie
-  '';
-
-  petabyte.policyrouting = {
+  services.wg-clerie = {
     enable = true;
-    rules6 = [
-      { rule = "from 2a01:4f8:c0c:15f1::8106/128 lookup wg-clerie"; prio = 20000; }
-      { rule = "from 2a01:4f8:c0c:15f1::8106/128 unreachable"; prio = 20001; }
-    ];
-    rules4 = [
-      { rule = "from 10.20.30.106/32 lookup wg-clerie"; prio = 20000; }
-      { rule = "from 10.20.30.106/32 unreachable"; prio = 20001; }
-    ];
-  };
-
-
-  networking.wireguard.enable = true;
-  networking.wireguard.interfaces = {
-    wg-clerie = {
-      ips = [ "2a01:4f8:c0c:15f1::8106/128" "10.20.30.106/32" ];
-      table = "wg-clerie";
-      peers = [
-        {
-          endpoint = "vpn.clerie.de:51820";
-          persistentKeepalive = 25;
-          allowedIPs = [ "0.0.0.0/0" "::/0" "10.20.30.0/24" "2a01:4f8:c0c:15f1::/113" ];
-          publicKey = "2p1Jqs3bkXbXHFWE6vp1yxHIFoUaZQEARS2nJzbkuBA=";
-        }
-      ];
-      privateKeyFile = "/var/src/secrets/wireguard/wg-clerie";
-    };
+    ipv6s = [ "2a01:4f8:c0c:15f1::8106/128" ];
+    ipv4s = [ "10.20.30.106/32" ];
+    privateKeyFile = "/var/src/secrets/wireguard/wg-clerie";
   };
 
   clerie.monitoring = {