diff --git a/hosts/frikandel/wireguard.nix b/hosts/frikandel/wireguard.nix
index bca62b4..09d1b07 100644
--- a/hosts/frikandel/wireguard.nix
+++ b/hosts/frikandel/wireguard.nix
@@ -21,8 +21,8 @@
 
   networking.firewall.allowedUDPPorts = [ 51899 ];
   networking.firewall.extraForwardRules = [
+    "iifname { != wg0 } reject"
     "iifname wg0 accept"
-    "iifname enp1s0 reject"
   ];
 
   # Enable WireGuard
diff --git a/hosts/pie/unbound.nix b/hosts/pie/unbound.nix
index 41125db..a5d3bb6 100644
--- a/hosts/pie/unbound.nix
+++ b/hosts/pie/unbound.nix
@@ -65,10 +65,12 @@
         {
           name = ".";
           forward-addr = [
-            "9.9.9.9@53#quad9"
-            "2620:fe::fe@53#quad9"
+            "193.110.81.0#dns0.eu"
+            "2a0f:fc80::#dns0.eu"
+            "185.253.5.0#dns0.eu"
+            "2a0f:fc81::#dns0.eu"
           ];
-          forward-tls-upstream = "no";
+          forward-tls-upstream = "yes";
         }
       ];
     };
diff --git a/modules/virtualisation/default.nix b/modules/virtualisation/default.nix
index a7666fa..e8c0087 100644
--- a/modules/virtualisation/default.nix
+++ b/modules/virtualisation/default.nix
@@ -43,11 +43,12 @@ in {
   systemd.tmpfiles.rules = [
     "f  /dev/shm/looking-glass  0660  ${psCfg.user.name}  kvm"
   ];
-  networking.bridges.virbr1.interfaces = [];
-  networking.interfaces.virbr1 = {
+
+  networking.bridges.virbr0.interfaces = [];
+  networking.interfaces.virbr0 = {
     ipv4.addresses = [
       {
-        address = "192.168.123.1";
+        address = "192.168.122.1";
         prefixLength = 24;
       }
     ];
diff --git a/users/b12f/home.nix b/users/b12f/home.nix
index ece38d8..9b194a8 100644
--- a/users/b12f/home.nix
+++ b/users/b12f/home.nix
@@ -83,6 +83,14 @@ in {
         "droppie.b12f.io" = {
           user = "yule";
         };
+
+        "nachtigall.pub.solar" = {
+          user = "barkeeper";
+        };
+
+        "flora-6.pub.solar" = {
+          user = "barkeeper";
+        };
       };
     };