diff --git a/nixos/gorgon/configuration.nix b/nixos/gorgon/configuration.nix
index 1a74f39..df7fe26 100644
--- a/nixos/gorgon/configuration.nix
+++ b/nixos/gorgon/configuration.nix
@@ -38,7 +38,10 @@ in
 luks.uuid = "3d0e5b93-90ca-412a-b4e0-3e6bfa47d3f4";
 networking = {
 enableBsShare = true;
- useLocalResolver = true;
+ localResolver = {
+ enable= true;
+ uwu= true;
+ };
 vpnExtension = "3";
 };
 backupClient = {
@@ -116,6 +119,19 @@ in
 "10.1.2.9" = [ "fgprinter.fginfo.tu-bs.de" ];
 };
+ networking.wireguard.interfaces.uwupn = {
+ ips = [ "10.11.0.24/32" "fc00:1337:dead:beef::10.11.0.24/128" ];
+ privateKeyFile = "/var/lib/wireguard/uwu";
+ peers = [
+ {
+ publicKey = "tuoiOWqgHz/lrgTcLjX+xIhvxh9jDH6gmDw2ZMvX5T8=";
+ allowedIPs = [ "10.11.0.0/22" "fc00:1337:dead:beef::10.11.0.0/118" ];
+ endpoint = "53c70r.de:51820";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+
 hardware.opengl = {
 enable = true;
 extraPackages = with pkgs; [
diff --git a/nixos/modules/networking.nix b/nixos/modules/networking.nix
index 2456fa1..c9cb220 100644
--- a/nixos/modules/networking.nix
+++ b/nixos/modules/networking.nix
@@ -6,7 +6,10 @@ in {
 options = {
 dadada.networking = {
- useLocalResolver = mkEnableOption "Enable local caching name server";
+ localResolver = {
+ enable = mkEnableOption "Enable local caching name server";
+ uwu = mkEnableOption "Enable uwupn";
+ };
 wanInterfaces = mkOption {
 type = with types; listOf str;
 description = "WAN network interfaces";
@@ -22,10 +25,10 @@ in
 };
 config = {
- networking.resolvconf.useLocalResolver = mkIf cfg.useLocalResolver true;
- networking.networkmanager.dns = mkIf cfg.useLocalResolver "unbound";
+ networking.resolvconf.useLocalResolver = mkIf cfg.localResolver.enable true;
+ networking.networkmanager.dns = mkIf cfg.localResolver.enable "unbound";
- services.unbound = mkIf cfg.useLocalResolver {
+ services.unbound = mkIf cfg.localResolver.enable {
 enable = true;
 settings = {
 server = {
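Review bot: Nothing in the added `uwupn` block creates or constrains `/var/lib/wireguard/uwu`, so the tunnel's private key depends on out-of-band provisioning that this file does not record. Keeping the key out of the Nix store via `privateKeyFile` is the right call; I would add `generatePrivateKeyFile = true;` (which, as far as I know, only writes the file when it is missing) or a comment stating the expected owner and mode, e.g. `# root:root 0600, provisioned manually`. Separately, `allowedIPs` accepts the whole `10.11.0.0/22` and the matching /118 from this single peer, so every host behind that endpoint can reach services on gorgon that listen on all interfaces. Whether the firewall restricts `uwupn` is not visible in this hunk and is worth confirming.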
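Review bot: The description of the new `uwu` option under `localResolver` does not say what it changes: per the rest of this commit it forwards the `uwu.` zone to resolvers inside the VPN and switches DNSSEC validation off for that zone. `mkEnableOption` already prepends "Whether to enable", so the current text also renders as "Whether to enable Enable uwupn."; I would write `uwu = mkEnableOption "forwarding of the uwu zone to the uwupn resolvers (DNSSEC validation is disabled for that zone)";`. The option has no effect unless `localResolver.enable` is also set, which the description could mention. The `options` block continues outside the hunk.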
@@ -53,7 +56,9 @@ in
 ];
 private-domain = [
 "dadada.li"
+ (mkIf cfg.localResolver.uwu "uwu")
 ];
+ domain-insecure = mkIf cfg.localResolver.uwu "uwu";
 interface = [
 "127.0.0.1"
 "::1"
@@ -70,6 +75,14 @@ in
 "149.112.112.112@853#dns.quad9.net"
 ];
 }
+ (mkIf cfg.localResolver.uwu {
+ name = "uwu.";
+ forward-addr = [
+ "fc00:1337:dead:beef::10.11.0.1"
+ "10.11.0.1"
+ ];
+ }
+ )
 ];
 };
 };
diff --git a/nixos/modules/profiles/server.nix b/nixos/modules/profiles/server.nix
index 333ee8d..beaa781 100644
--- a/nixos/modules/profiles/server.nix
+++ b/nixos/modules/profiles/server.nix
@@ -9,7 +9,7 @@ in {
 "dadada" = keys;
 };
- dadada.networking.useLocalResolver = true;
+ dadada.networking.localResolver.enable = true;
 dadada.autoUpgrade.enable = mkDefault true;
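Review bot: The added `domain-insecure` line switches off DNSSEC validation for every name under `uwu`, and the new `private-domain` entry lets those names resolve to private addresses, so answers for the zone are only as trustworthy as the network path to its forwarders. That trade-off is probably unavoidable for a TLD that is not delegated from the root, but it should be recorded next to the setting, for example `# uwu is not delegated from the root and cannot validate; trust rests on the WireGuard tunnel to the forwarders`. The enclosing settings block starts and ends outside this hunk.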
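Review bot: The forwarders added for `uwu.` (`10.11.0.1` and its ULA counterpart) are only reachable through the `uwupn` WireGuard interface, and that interface is declared in `gorgon/configuration.nix`, not in this module. On a host that sets `localResolver.uwu` without the tunnel, queries for the zone would follow the default route, and whatever answers on `10.11.0.1` on the local network would be believed, since validation is off for `uwu`. An assertion would tie the two together, e.g. `assertions = [ { assertion = cfg.localResolver.uwu -> config.networking.wireguard.interfaces ? uwupn; message = "localResolver.uwu requires the uwupn WireGuard interface"; } ];` inside `config` (assuming `config` is a module argument here, which the hunk does not show). Unlike the Quad9 entry above it, this zone is forwarded as plain DNS, which is acceptable only while the tunnel carries it.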