# NixOS module: WireGuard server endpoint on interface wg0.
#
# The server holds 192.168.3.1 in 192.168.3.0/24, listens on UDP 51820, and
# source-NATs tunnel traffic leaving through eth0.
#
# NOTE(review): this file only installs the NAT rule. IP forwarding, opening
# UDP 51820 in the host firewall, and any FORWARD-chain filtering are not set
# here; confirm they are configured elsewhere.
{ pkgs, config, lib, ...}:
let
  # Absolute store path of the iptables binary, so the hooks do not rely on PATH.
  iptables = "${pkgs.iptables}/bin/iptables";

  # One rule specification shared by the add (-A) and delete (-D) hooks;
  # deletion only works when it matches the inserted rule exactly.
  # NOTE(review): "eth0" is hard-coded; verify it is the uplink name on this host.
  masqueradeRule = "POSTROUTING -s 192.168.3.0/24 -o eth0 -j MASQUERADE";
in
{
  networking.wireguard.interfaces.wg0 = {
    # The private key is read from a runtime path rather than written into
    # this file, which keeps it out of the world-readable Nix store.
    # The path suggests it is provisioned by agenix; confirm the secret's
    # owner and mode where it is declared.
    privateKeyFile = "/run/agenix/wireguard/server-private";

    listenPort = 51820;
    ips = [ "192.168.3.1/24" ];

    # Install the masquerade rule when the interface comes up.
    # The rule matches on source subnet only and does not limit which
    # destinations peers can reach through eth0.
    postSetup = ''
      ${iptables} -t nat -A ${masqueradeRule}
    '';

    # Remove the same rule when the interface goes down.
    postShutdown = ''
      ${iptables} -t nat -D ${masqueradeRule}
    '';

    # Each peer is limited to a single /32 tunnel address, so WireGuard drops
    # packets from a peer that carry any other inner source address.
    # Public keys are not secret.
    peers = [
      # James: Primary Cell
      {
        publicKey = "jko+bd/y1+3X40/AGX9OpV2H/Wlb9C2Jwkfs4Knjljg=";
        allowedIPs = [ "192.168.3.2/32" ];
      }

      # Caitlynn: Primary Cell
      {
        publicKey = "Xbp3+huOWE0sTcWtk5BA2Qc4gk5vjFVgE6+qYJBpgkY=";
        allowedIPs = [ "192.168.3.3/32" ];
      }
    ];
  };
}