diff --git a/flake.lock b/flake.lock
index 4fcae03..12682b8 100644
--- a/flake.lock
+++ b/flake.lock
@@ -474,7 +474,28 @@
         "nixpkgs-unstable": "nixpkgs-unstable",
         "nvim-kitty-navigator": "nvim-kitty-navigator",
         "openwrt-imagebuilder": "openwrt-imagebuilder",
-        "pre-commit-hooks": "pre-commit-hooks"
+        "pre-commit-hooks": "pre-commit-hooks",
+        "seven-modules": "seven-modules"
+      }
+    },
+    "seven-modules": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1749209568,
+        "narHash": "sha256-D8EN+fjyhYGhQQoY5WfGlX7arc+C7OyDk66CJuscpGo=",
+        "ref": "refs/heads/main",
+        "rev": "520d5c291ca0d059fc38f42f503bb704d72b22f4",
+        "revCount": 3,
+        "type": "git",
+        "url": "ssh://git@felschr.com:2222/felschr/seven-modules"
+      },
+      "original": {
+        "type": "git",
+        "url": "ssh://git@felschr.com:2222/felschr/seven-modules"
       }
     },
     "systems": {
diff --git a/flake.nix b/flake.nix
index f9295b2..53ca564 100644
--- a/flake.nix
+++ b/flake.nix
@@ -77,6 +77,10 @@ rec {
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    seven-modules = {
+      url = "git+ssh://git@felschr.com:2222/felschr/seven-modules";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   outputs =
diff --git a/home/felschr-work.nix b/home/felschr-work.nix
index 1ccc9f4..73e4003 100644
--- a/home/felschr-work.nix
+++ b/home/felschr-work.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ inputs, pkgs, ... }:
 
 with pkgs;
 {
@@ -18,6 +13,7 @@ with pkgs;
     ./browsers
     ./planck.nix
     ./services/easyeffects.nix
+    inputs.seven-modules.homeModules.seven
   ];
 
   programs.gpg.enable = true;
@@ -77,5 +73,7 @@ with pkgs;
     emblem
   ];
 
+  seven.enable = true;
+
   home.stateVersion = "25.05";
 }
diff --git a/home/felschr.nix b/home/felschr.nix
index 49eb332..b0e32b0 100644
--- a/home/felschr.nix
+++ b/home/felschr.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, ... }:
+{ inputs, pkgs, ... }:
 
 {
   imports = [
@@ -15,6 +15,7 @@
     ./ausweisapp.nix
     ./gaming
     ./services/easyeffects.nix
+    inputs.seven-modules.homeModules.seven
   ];
 
   programs.gpg.enable = true;
@@ -90,5 +91,7 @@
     emblem
   ];
 
+  seven.enable = true;
+
   home.stateVersion = "25.05";
 }
diff --git a/hosts/cmdframe/default.nix b/hosts/cmdframe/default.nix
index cb95dfc..e1750c8 100644
--- a/hosts/cmdframe/default.nix
+++ b/hosts/cmdframe/default.nix
@@ -1,4 +1,4 @@
-{ config, ... }:
+{ inputs, config, ... }:
 
 {
   imports = [
@@ -13,8 +13,14 @@
     ../../virtualisation/podman.nix
     ../../virtualisation/libvirt.nix
     ../../modules/systemdNotify.nix
+    inputs.seven-modules.nixosModules.seven
   ];
 
+  age.secrets.wireguard-seven-cmdframe-key = {
+    file = ../../secrets/wireguard/seven/cmdframe.key.age;
+    owner = "systemd-network";
+  };
+
   services.fprintd.enable = true;
 
   programs.zsh.enable = true;
@@ -33,6 +39,17 @@
     "--operator=felschr"
   ];
 
+  seven = {
+    enable = true;
+    wireguard = {
+      addresses = [
+        "198.18.1.241/15"
+        "fd00:5ec::1f1/48"
+      ];
+      privateKeyFile = config.age.secrets.wireguard-seven-cmdframe-key.path;
+    };
+  };
+
   systemd.notify.enable = true;
   systemd.notify.method = "libnotify";
   systemd.notify.libnotify.user = "felschr";
diff --git a/hosts/home-pc/default.nix b/hosts/home-pc/default.nix
index 2a26cfd..5e32deb 100644
--- a/hosts/home-pc/default.nix
+++ b/hosts/home-pc/default.nix
@@ -1,4 +1,4 @@
-{ lib, ... }:
+{ inputs, config, ... }:
 
 {
   imports = [
@@ -20,8 +20,14 @@
     ../../services/restic/home-pc.nix
     ../../services/pcscd.nix
     ../../services/open-webui.nix
+    inputs.seven-modules.nixosModules.seven
   ];
 
+  age.secrets.wireguard-seven-home-pc-key = {
+    file = ../../secrets/wireguard/seven/home-pc.key.age;
+    owner = "systemd-network";
+  };
+
   boot.loader.systemd-boot.memtest86.enable = true;
 
   # running binaries for other architectures
@@ -54,6 +60,17 @@
     "87.98.162.88" = [ "portcheck.transmissionbt.com" ];
   };
 
+  seven = {
+    enable = true;
+    wireguard = {
+      addresses = [
+        "198.18.1.239/15"
+        "fd00:5ec::1ef/48"
+      ];
+      privateKeyFile = config.age.secrets.wireguard-seven-home-pc-key.path;
+    };
+  };
+
   systemd.notify.enable = true;
   systemd.notify.method = "libnotify";
   systemd.notify.libnotify.user = "felschr";
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 6354b4b..a906a73 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -14,6 +14,14 @@ let
   ];
 in
 {
+  "wireguard/seven/home-pc.key.age".publicKeys = [
+    felschr
+    home-pc
+  ];
+  "wireguard/seven/cmdframe.key.age".publicKeys = [
+    felschr
+    cmdframe
+  ];
   "restic/b2.age".publicKeys = [
     felschr
     home-pc
diff --git a/secrets/wireguard/seven/cmdframe.key.age b/secrets/wireguard/seven/cmdframe.key.age
new file mode 100644
index 0000000..8189467
--- /dev/null
+++ b/secrets/wireguard/seven/cmdframe.key.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 OAZQhA FfKFQDfxUjN7GOUnkkfChufgJubjr58U73ZPf7NYVk4
+yhnJ8a/rWjo3d0zv26K1RWjSZ1cIodrfZM3/GkrUWYc
+-> ssh-ed25519 4e2jfw cbNujNcFJlIUmdiju+vKa+/nGl7nktktp/qdCRABEVA
+6JKFvoJUOx/oOoF2FBIGQtrqeDelgTXkz5jT7NKNfgE
+--- NclMQArY2fMEnOMEBnm/4hD8v7F1gZcuZU2QBjH4HzU
+�R��4�E�'q�����AEh�Z��ٝ$6�F4B�����'_Ky��
u����)�~��Y��ߎ#�*�`����Us3h:3
\ No newline at end of file
diff --git a/secrets/wireguard/seven/home-pc.key.age b/secrets/wireguard/seven/home-pc.key.age
new file mode 100644
index 0000000..9fc1e99
--- /dev/null
+++ b/secrets/wireguard/seven/home-pc.key.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 OAZQhA KeGvnhp8qfU1yhvjVOa0r6yX6O+kVPt6OsVLZ7O/Hws
+enisg9tJchYm3vn2ybB11mIV797QiREfBbr/eboPPxg
+-> ssh-ed25519 lJaKnA xckO8hkJshSnzUjQNcFpdlQtc+UcW+MY7D2NN5M/qlI
+GDRoXlQNvZU4zvbdLuw3CfxP6BDx3BKzWGjAqYP44d4
+--- 7Epn11NgBId/XxQRbi3RuRnDfvzL9fEzDMAvKM6rkOY
+����)yh Хg^���s�j�wC8�M@��S�X&Ho�m��p�1�
?9!����k����V��W*:q��e�uэ
\ No newline at end of file