diff --git a/application/nginx.nix b/application/nginx.nix
index 433b389..7579a0d 100644
--- a/application/nginx.nix
+++ b/application/nginx.nix
@@ -9,7 +9,10 @@
       enableACME = true;
       forceSSL = true;
       root = "/var/www/cache.matri.cx";
-      locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
+      locations."/" = {
+        extraConfig = "allow 192.168.0.0\/24;\ndeny all;";
+        proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
+      };
     };
 
     virtualHosts."caitlynncox.com" = {
diff --git a/flake.nix b/flake.nix
index 206ca0f..54bc911 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,11 +1,18 @@
 {
+  description = "eve-psr-nix0 - Home Server";
+
   inputs = {
+    nixpkgs.url = "nixpkgs/nixos-23.05";
+
     agenix = {
       url = "github:ryantm/agenix";
       inputs.nixpkgs.follows = "nixpkgs";
       inputs.darwin.follows = "";
     };
-    nixpkgs.url = "nixpkgs/nixos-23.05";
+    nix-serve-ng = {
+      url = github:aristanetworks/nix-serve-ng;
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   outputs = { self, nixpkgs, agenix, ... }@attrs:
@@ -28,6 +35,7 @@
 
               imports = [
                 agenix.nixosModules.default
+                nix-serve-ng.nixosModules.default
 
                 ./application/containers.nix
                 ./application/nginx.nix