diff --git a/clients/quadraticserver/network.nix b/clients/quadraticserver/network.nix
new file mode 100644
index 0000000..737c642
--- /dev/null
+++ b/clients/quadraticserver/network.nix
@@ -0,0 +1,19 @@
+{
+  networking.useDHCP = false;
+  systemd.network.enable = true;
+  systemd.network.networks."30-wan" = {
+    matchConfig.Name = "enp1s0";
+    networkConfig.DHCP = "no";
+    address = [
+      "91.99.155.129/32"
+      "2a01:4f8:c012:d202::1/64"
+    ];
+    routes = [
+      {
+        Gateway = "172.31.1.1";
+        GatewayOnLink = true;
+      }
+      { Gateway = "fe80::1"; }
+    ];
+  };
+}
diff --git a/modules/common/dns.nix b/modules/common/dns.nix
index c2962ff..37be13c 100644
--- a/modules/common/dns.nix
+++ b/modules/common/dns.nix
@@ -1,3 +1,4 @@
+{ lib, ... }:
 {
   services.dnsproxy = {
     enable = true;
@@ -9,5 +10,5 @@
     };
   };
 
-  environment.etc."resolv.conf".text = "nameserver 127.0.0.1";
+  environment.etc."resolv.conf".text = lib.mkForce "nameserver 127.0.0.1";
 }
diff --git a/modules/server/caddy.nix b/modules/server/caddy.nix
index 7b7d479..1f9e286 100644
--- a/modules/server/caddy.nix
+++ b/modules/server/caddy.nix
@@ -12,7 +12,10 @@
 
   config = {
     systemd.services.caddy.serviceConfig.Restart = lib.mkForce "always";
-    networking.firewall.allowedTCPPorts = [ 443 ];
+    networking.firewall.allowedTCPPorts = [
+      80
+      443
+    ];
     services.caddy = {
       enable = true;
       email = "henry@henryhiles.com";