diff --git a/hosts/hp/default.nix b/hosts/hp/default.nix
index e53df3e..3a22a9e 100644
--- a/hosts/hp/default.nix
+++ b/hosts/hp/default.nix
@@ -24,6 +24,7 @@
     gnome = true;
     profile = "desktop";
     horizon.enable = true;
+    wg-home.enable = true;
   };
 
   boot = {
diff --git a/hosts/lenny/default.nix b/hosts/lenny/default.nix
index 4e083e4..49867d4 100644
--- a/hosts/lenny/default.nix
+++ b/hosts/lenny/default.nix
@@ -24,6 +24,7 @@
     gnome = true;
     profile = "desktop";
     horizon.enable = true;
+    wg-home.enable = true;
   };
 
   zramSwap.memoryPercent = 100;
diff --git a/modules/wg-home.nix b/modules/wg-home.nix
new file mode 100644
index 0000000..232c706
--- /dev/null
+++ b/modules/wg-home.nix
@@ -0,0 +1,18 @@
+{ config, lib, pkgs, ... }:
+{
+  options.sconfig.wg-home.enable = lib.mkEnableOption "set up home VPN";
+
+  config = lib.mkIf config.sconfig.wg-home.enable {
+    systemd.services.wg-home = {
+      script = "wg-quick up /nix/persist/wireguard_home.conf";
+      preStop = "wg-quick down /nix/persist/wireguard_home.conf";
+      path = [ pkgs.wireguard-tools ];
+      serviceConfig = {
+        type = "oneshot";
+        RemainAfterExit = true;
+      };
+    };
+    boot.kernelModules = [ "wireguard" ];
+    environment.systemPackages = [ pkgs.wireguard-tools ];
+  };
+}