diff --git a/morph/lib/make-issuer.nix b/morph/lib/make-issuer.nix
index 1365277e91a318ada5a3fc933586cd5ef8d67b34..5d0c32b6672de1ea32da910c31c95533a84b7858 100644
--- a/morph/lib/make-issuer.nix
+++ b/morph/lib/make-issuer.nix
@@ -63,9 +63,8 @@
 
   services.private-storage.monitoring.vpn.client = {
     enable = true;
-    privateKeyFile = "/var/secrets/monitoringvpn/client.key";
+    privateKeyFile = /var/secrets/monitoringvpn/client.key;
     ips = ["172.23.23.11/24"];
-    allowedIPs = ["172.23.23.1/32"];
-    endpointPublicKeyFile = "/home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub";
+    endpointPublicKeyFile = /home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub;
   };
 }
diff --git a/nixos/modules/monitoring/vpn/client.nix b/nixos/modules/monitoring/vpn/client.nix
index 897d8e099cfcb9538677a70ca29487cea67a35b8..4ee5ed4e26dc7a586464ffc742b36e5a1be4632d 100644
--- a/nixos/modules/monitoring/vpn/client.nix
+++ b/nixos/modules/monitoring/vpn/client.nix
@@ -24,6 +24,7 @@ in {
     allowedIPs = lib.mkOption {
       type = lib.types.listOf lib.types.str;
       example = lib.literalExample [ "172.23.23.1/32" ];
+      default = [ "172.23.23.1/32" ];
       description = ''
         Limits which IPs this client receives data from.
       '';
diff --git a/nixos/modules/monitoring/vpn/server.nix b/nixos/modules/monitoring/vpn/server.nix
index 93c5c0d9133a3a3abb27e2a5472cf98ccee5ddbd..8670dca852387f052ced61f44a081eac571c5d05 100644
--- a/nixos/modules/monitoring/vpn/server.nix
+++ b/nixos/modules/monitoring/vpn/server.nix
@@ -24,7 +24,7 @@ in {
     };
     ips = lib.mkOption {
       type = lib.types.listOf lib.types.str;
-      example = lib.literalExample [ "172.23.23.10/24" ];
+      example = lib.literalExample [ "172.23.23.1/24" ];
       description = ''
         The IP addresses of the interface.
         See https://github.com/NixOS/nixpkgs/blob/nixos-20.09/nixos/modules/services/networking/wireguard.nix .
@@ -49,11 +49,11 @@ in {
       privateKeyFile = toString cfg.server.privateKeyFile;
       peers = [
         { # node1
-          allowedIPs = [ "192.168.42.21/32" ];
+          allowedIPs = [ "172.23.23.11/32" ];
           publicKey = "tZ295cvD98ixt/VH4dwPKNgHf9MuhuzsossOWBOOoGU=";
         }
         { # node2
-          allowedIPs = [ "192.168.42.22/32" ];
+          allowedIPs = [ "172.23.23.12/32" ];
           publicKey = "zDxWTejJDXRRmUiMZPC7eVSCDdyFikN9VI6cqapQ6RY=";
         }
       ];