diff --git a/nodes/sophie/vmhost.py b/nodes/sophie/vmhost.py
index 092e0b2..95abe56 100644
--- a/nodes/sophie/vmhost.py
+++ b/nodes/sophie/vmhost.py
@@ -2,14 +2,13 @@ nodes['sophie.vmhost'] = {
     'hostname': '172.19.164.2',
     'bundles': {
         'backup-client',
-        'hetzner-dyndns',
         'lm-sensors',
-        'mosquitto',
         'nfs-server',
+        'mosquitto',
         'smartd',
         'vmhost',
-        'wireguard',
         'zfs',
+        'hetzner-dyndns'
     },
     'groups': {
         'debian-bookworm',
@@ -25,7 +24,7 @@ nodes['sophie.vmhost'] = {
         },
         'hetzner-dyndns': {
             'zone': 'sophies-kitchen.eu',
-            'record': 'router.home',
+            'record': 'home.router',
             'api_key': vault.decrypt('encrypt$gAAAAABoABHrRTTyOAAFIsHK_g-bubDoNJidbAQ6_0VXyqfal8-wpVMuPPlrw-OtbI1AjNU6Rd1_gKTvwYtNYO9X6RuvuW3TCCH_eitpsoylVEQ0X6SDFNQAFfjkRlOgEiFl85oyTazl'),
         },
         'interfaces': {
@@ -73,21 +72,6 @@ nodes['sophie.vmhost'] = {
                 },
             },
         },
-        'nftables': {
-            'forward': {
-                '50-router': [
-                    'ct state { related, established } accept',
-                    'oifname br1 accept',
-                ],
-            },
-            'input': {
-                '50-wireguard': [
-                    'udp dport 1194 accept',
-                    'udp dport 10348 accept',
-                    'udp dport 10349 accept',
-                ],
-            },
-        },
         'smartd': {
             'disks': {
                 '/dev/nvme0',
@@ -97,12 +81,6 @@ nodes['sophie.vmhost'] = {
                 '/dev/disk/by-id/ata-ST20000NM007D-3DJ103_ZVT7D6JP',
             },
         },
-        'sysctl': {
-            'options': {
-                'net.ipv4.conf.all.forwarding': '1',
-                'net.ipv6.conf.all.forwarding': '1',
-            },
-        },
         'systemd-networkd': {
             'bridges': {
                 'br0': {
@@ -137,29 +115,6 @@ nodes['sophie.vmhost'] = {
                 },
             },
         },
-        'wireguard': {
-            'snat_ip': '172.19.137.2',
-            'peers': {
-                'thinkpad': {
-                    'endpoint': None,
-                    'exclude_from_monitoring': True,
-                    'my_ip': '172.19.165.64',
-                    'my_port': 10348,
-                    'their_ip': '172.19.165.65',
-                    'psk': vault.decrypt('encrypt$gAAAAABoAUy3lAHfn7d9Jn4ppiPRr6LOReFGyGS4HzWC5ACHNipDFnGttnOHNji2DGIYVITzj3PosZs7PRn8BvXmwumEXNNP-G0nDucuiNNzUKuOCP4YWaF9-I1tnpmT_td3nqsCDajH'),
-                    'pubkey': vault.decrypt('encrypt$gAAAAABoAUxlf048ovJebqo0MlLiLHcuuTCSmnCzhxSZPrFMjRaFLW0CvC3GnVed_4n7CjjZ6ygrORSl8xyBM5hvbN0-JM_56ZZFpn1UVkizctjHjb1u2XtpGAe2nMAnq2Cdg5swgH9S'),
-                },
-                'smartphone': {
-                    'endpoint': None,
-                    'exclude_from_monitoring': True,
-                    'my_ip': '172.19.165.66',
-                    'my_port': 10349,
-                    'their_ip': '172.19.165.67',
-                    'psk': vault.decrypt('encrypt$gAAAAABoAUy3lAHfn7d9Jn4ppiPRr6LOReFGyGS4HzWC5ACHNipDFnGttnOHNji2DGIYVITzj3PosZs7PRn8BvXmwumEXNNP-G0nDucuiNNzUKuOCP4YWaF9-I1tnpmT_td3nqsCDajH'),
-                    'pubkey': vault.decrypt('encrypt$gAAAAABoAWD96YcEFsLzfOCzjS_4Hg7xX516OZ5RD_qFPSEZliaYSRMhY3uyNDtQ--e0dzEwdFHK_xGT3F7jQzYAvftH4iFtk9y3n3FNFVPxqsWckX4cJIX7ZZszbQCq8sfZZXGUR0C9'),
-                },
-            },
-        },
         'zfs': {
             'pools': {
                 'storage': {