diff --git a/modules/services/wireguard.nix b/modules/services/wireguard.nix
index 6053c35..c78c78f 100644
--- a/modules/services/wireguard.nix
+++ b/modules/services/wireguard.nix
@@ -6,6 +6,7 @@
 }:
 let
 port = 51820;
+ interface = config.my.interfaces.${config.hostName};
 in
 {
 options.my.services.wireguard.enable = lib.mkEnableOption "enable";
@@ -15,17 +16,17 @@ in
 firewall.allowedUDPPorts = [ port ];
 nat = {
 enable = true;
- externalInterface = config.my.interfaces.${config.hostName};
+ externalInterface = interface;
 internalInterfaces = [ "wg0" ];
 };
 wireguard.interfaces.wg0 = {
 ips = [ "10.100.0.1/24" ];
 listenPort = port;
 postSetup = ''
- ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o enp2s0 -j MASQUERADE
+ ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ${interface} -j MASQUERADE
 '';
 postShutdown = ''
- ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o enp2s0 -j MASQUERADE
+ ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ${interface} -j MASQUERADE
 '';
 privateKeyFile = config.sops.secrets."wireguard/private".path;
 peers = [
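Review bot: The hand-written MASQUERADE rules in `postSetup` and `postShutdown` look redundant with the `nat` block a few lines up, which already sets `externalInterface = interface` and `internalInterfaces = [ "wg0" ]`. The enclosing attribute set opens outside this hunk, so it is only inferred that this is NixOS's `networking.nat`; if it is, it should already masquerade wg0 traffic and the two iptables lines can be dropped. If they are kept on purpose, quote the interpolated value and wait for the xtables lock, i.e. `-o ${lib.escapeShellArg interface}` plus `-w`, so that a concurrent firewall reload cannot make the `-A` or `-D` fail and leave clients without NAT or a stale rule behind. The subnet `10.100.0.0/24` is also repeated in both rules and has to stay in step with `ips`; a `let` binding next to `port` and `interface` would keep them from drifting apart.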