diff --git a/hosts/juri/host.nix b/hosts/juri/host.nix
index 8a016b6..192639b 100644
--- a/hosts/juri/host.nix
+++ b/hosts/juri/host.nix
@@ -36,6 +36,11 @@ in {
           reverse_proxy :${builtins.toString config.forgejo.server.port}
         '';
       };
+      "ginko.woach.me" = {
+        extraConfig = ''
+          reverse_proxy :${builtins.toString config.headscale.server.port}
+        '';
+      };
     };
   };
 
@@ -56,10 +61,16 @@ in {
     };
   };
 
+  headscale = {
+    enable = true;
+    server.domain = "ginko.woach.me";
+  };
+
   postgres.enable = true;
 
   shell.enabledShells = [ "fish" ];
   shell.defaultShell = "fish";
 
+  tailscale.enable = true;
   sshd.enable = true;
 }
diff --git a/hosts/onizuka/host.nix b/hosts/onizuka/host.nix
index c48f020..d2dbc49 100644
--- a/hosts/onizuka/host.nix
+++ b/hosts/onizuka/host.nix
@@ -13,6 +13,7 @@
   system.users.bigWheels = [ "pan" ];
 
   sshd.enable = true;
+  tailscale.enable = true;
 
   tuigreet.enable = true;
   niri.enable = true;
diff --git a/nixosModules/services/headscale/service.nix b/nixosModules/services/headscale/service.nix
new file mode 100644
index 0000000..12fbad7
--- /dev/null
+++ b/nixosModules/services/headscale/service.nix
@@ -0,0 +1,26 @@
+{ config, lib, ... }:
+
+{
+  options.headscale = {
+    enable = lib.mkEnableOption "Enable headscale";
+    server = {
+      port = lib.mkOption { default = 7204; };
+      domain = lib.mkOption { type = lib.types.str; };
+    };
+  };
+
+  config = lib.mkIf config.headscale.enable {
+    networking.firewall.allowedUDPPorts = [ 3478 ];
+    services.headscale = {
+      enable = true;
+      port = config.headscale.server.port;
+      settings = {
+        server_url = "https://${config.headscale.server.domain}";
+        dns = {
+          base_domain = "connect.claris";
+          override_local_dns = false;
+        };
+      };
+    };
+  };
+}
diff --git a/nixosModules/services/tailscale/service.nix b/nixosModules/services/tailscale/service.nix
new file mode 100644
index 0000000..cd94ad8
--- /dev/null
+++ b/nixosModules/services/tailscale/service.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, lib, ... }:
+
+{
+  options.tailscale = {
+    enable = lib.mkEnableOption "enables tailscale";
+  };
+
+  config = lib.mkIf config.tailscale.enable {
+    services.tailscale.enable = true;
+  };
+}