diff --git a/hosts/vps/configuration.nix b/hosts/vps/configuration.nix
index 1690fa0..44128e1 100644
--- a/hosts/vps/configuration.nix
+++ b/hosts/vps/configuration.nix
@@ -37,6 +37,9 @@ let
     synapseClient = toString config.my.servers.synapse.port;
     syncplay = toString config.my.servers.syncplay.port;
     stash = toString config.my.servers.stash.port;
+    jellyfin = toString config.my.servers.jellyfin.port;
+    audiobookshelf = toString config.my.servers.audiobookshelf.port;
+    kavita = toString config.my.servers.kavita.port;
   };
 in
 {
@@ -103,8 +106,7 @@ in
 
         iifname "${wgInterface}" ip saddr ${subnets.wgFriends} ip daddr ${ips.homeServer}/32 icmp type echo-request accept
         iifname "${wgInterface}" ip saddr ${ips.wgFriend1}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept
-        iifname "${wgInterface}" ip saddr ${ips.wgGuest1}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept
-        iifname "${wgInterface}" ip saddr ${ips.wgGuest2}/32 ip daddr ${ips.homeServer}/32 tcp dport ${portsStr.stash} accept
+        iifname "${wgInterface}" ip saddr ${subnets.wgGuests} ip daddr ${ips.homeServer}/32 tcp dport { ${portsStr.stash}, ${portsStr.jellyfin}, ${portsStr.audiobookshelf}, ${portsStr.kavita} } accept
         iifname "${wgInterface}" ip saddr ${subnets.wgGuests} ip daddr ${ips.homeServer}/32 icmp type echo-request accept
 
         iifname "${wgInterface}" ip saddr ${subnets.wgHomelab} ip daddr ${ips.homeServer}/32 accept