diff --git a/networking/firewall.mod.nix b/networking/firewall.mod.nix
index 21cac4f..e910880 100644
--- a/networking/firewall.mod.nix
+++ b/networking/firewall.mod.nix
@@ -40,9 +40,9 @@
       services.fail2ban.enable = true;
       networking.firewall = {
         interfaces.eth0.allowedTCPPorts = [
-          80
+          80 # http
           222 # forgejo ssh
-          443
+          443 # https 
           64738 # murmur tcp
         ];
         interfaces.eth0.allowedUDPPorts = [
diff --git a/services/caddy/Caddyfile b/services/caddy/Caddyfile
index c35763c..cd231c6 100644
--- a/services/caddy/Caddyfile
+++ b/services/caddy/Caddyfile
@@ -48,4 +48,11 @@ https://cache.collective-conciousness.monster {
     encode zstd gzip
      
     reverse_proxy 10.24.1.4:5020
+}
+
+https://grf.collective-conciousness.monster {
+    encode zstd gzip
+
+    @wireguard-network remote_ip 10.24.1.0/24 
+    reverse_proxy @wireguard-network 10.24.1.4:6700
 }
\ No newline at end of file