diff --git a/configuration.nix b/configuration.nix index 0acc144..1b1dc5c 100644 --- a/configuration.nix +++ b/configuration.nix @@ -122,6 +122,10 @@ # Media vlc + + # Network + wireguard-tools + ]; # Some programs need SUID wrappers, can be configured further or are diff --git a/extra-services.nix b/extra-services.nix index 81121ed..d4ffb24 100644 --- a/extra-services.nix +++ b/extra-services.nix @@ -30,4 +30,20 @@ services.pcscd.enable = true; ###### NTFS (3G) support ###### boot.supportedFilesystems = [ "ntfs" ]; -} \ No newline at end of file + +##### Let wiregurad thru firewall ########## + networking.firewall = { + # if packets are still dropped, they will show up in dmesg + logReversePathDrops = true; + # wireguard trips rpfilter up + extraCommands = '' + ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 1637 -j RETURN + ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 1637 -j RETURN + ''; + extraStopCommands = '' + ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 1637 -j RETURN || true + ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 1637 -j RETURN || true + ''; + }; + +} diff --git a/user-adam.nix b/user-adam.nix index 2edd605..2d8d1c7 100644 --- a/user-adam.nix +++ b/user-adam.nix @@ -37,6 +37,7 @@ vscodium kicad ansible + go virtualenv # security
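Review bot: In extra-services.nix the two rules inserted into `nixos-fw-rpfilter` match on UDP port 1637 alone, so any inbound packet carrying that source or destination port skips reverse-path filtering on every interface and in both address families, not only this tunnel's traffic; the `--sport` match in particular keys on a value the sender chooses. Keeping only the direction this host needs and scoping it to the uplink would narrow the exemption, e.g. `ip46tables -t mangle -I nixos-fw-rpfilter -i <UPLINK_IFACE> -p udp -m udp --dport 1637 -j RETURN` (placeholder interface name; use `--sport` instead if 1637 is the remote endpoint's port), with the matching `-D` line in `extraStopCommands`. The heading should say what the block actually does, since it relaxes rpfilter in the mangle table rather than opening a port, and it has a typo: `##### Exempt WireGuard (UDP 1637) from reverse-path filtering #####`. The attribute set that the final `}` closes starts outside the hunk, so whether `networking.firewall` is also set elsewhere in the file cannot be checked from here.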