diff --git a/flake.lock b/flake.lock
index ee51202..88c4850 100755
--- a/flake.lock
+++ b/flake.lock
@@ -90,10 +90,10 @@
     "nix-secrets": {
       "flake": false,
       "locked": {
-        "lastModified": 1746456167,
-        "narHash": "sha256-wOfe72o2Su+GcuHO6JERTzgCeo7O3mGtjgvfiD/KjGQ=",
+        "lastModified": 1746533618,
+        "narHash": "sha256-DWSvionIGvuSO4C+b/DEYBCOI+eeKg4Zpx/JzV27Alg=",
         "ref": "main",
-        "rev": "c07d110d71e32ff5fabf0219bc9cadab47d3d2a7",
+        "rev": "7851d29bba582893f904cf7b9244abd7adaa0068",
         "shallow": true,
         "type": "git",
         "url": "https://git.terah.dev/imterah/sops"
@@ -185,11 +185,11 @@
         "nixpkgs": "nixpkgs_4"
       },
       "locked": {
-        "lastModified": 1745310711,
-        "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=",
+        "lastModified": 1746485181,
+        "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c",
+        "rev": "e93ee1d900ad264d65e9701a5c6f895683433386",
         "type": "github"
       },
       "original": {
diff --git a/hosts/andromeda/configuration.nix b/hosts/andromeda/configuration.nix
index 5a2ef9e..d2492c7 100755
--- a/hosts/andromeda/configuration.nix
+++ b/hosts/andromeda/configuration.nix
@@ -60,6 +60,25 @@
 
   virtualisation.oci-containers.backend = "docker";
 
+  # Reverse Proxy setup
+  networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.10.0.3/24" ];
+      privateKeyFile = config.sops.secrets.reverse_proxy_client_privkey.path;
+      table = "69";
+
+      postSetup = "ip rule add from 10.10.0.2 table 69";
+      preShutdown = "ip rule del from 10.10.0.2 table 69";
+
+      peers = [{
+        publicKey = "QXDlW73/+hKJu6CPiCmpSWOXqKvJPC+b7E7iuvRpL2A=";
+        allowedIPs = [ "0.0.0.0/0" "::/0" ];
+        endpoint = "terah.dev:55107";
+        persistentKeepalive = 25;
+      }];
+    };
+  };
+
   # Volumes
   fileSystems."/mnt/NASBox" = {
     device = "192.168.0.3:/mnt/Diskette/KubeData";
diff --git a/secrets b/secrets
index c07d110..7851d29 160000
--- a/secrets
+++ b/secrets
@@ -1 +1 @@
-Subproject commit c07d110d71e32ff5fabf0219bc9cadab47d3d2a7
+Subproject commit 7851d29bba582893f904cf7b9244abd7adaa0068