diff --git a/machines/lasting-integrity/default.nix b/machines/lasting-integrity/default.nix
index 2e802b01..7a93d30c 100644
--- a/machines/lasting-integrity/default.nix
+++ b/machines/lasting-integrity/default.nix
@@ -67,7 +67,6 @@
 services = {
 garmin-scraper.enable = true;
 grafana.enable = true;
- headscale.enable = true;
 mail.enable = true;
 mastodon.enable = true;
 matrix.enable = true;
diff --git a/modules/base/network/default.nix b/modules/base/network/default.nix
index 12a5a448..f1ac80ae 100644
--- a/modules/base/network/default.nix
+++ b/modules/base/network/default.nix
@@ -4,8 +4,5 @@
 imports = [
 ./ovh.nix
 ./mobile.nix
- ./tailscale.nix
 ];
-
- networking.firewall.checkReversePath = "loose";
 }
diff --git a/modules/base/network/tailscale.nix b/modules/base/network/tailscale.nix
deleted file mode 100644
index 97221757..00000000
--- a/modules/base/network/tailscale.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-{ ... }: {
- services.tailscale.enable = true;
-}
diff --git a/modules/services/default.nix b/modules/services/default.nix
index 7066700b..9b0b7b65 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -8,7 +8,6 @@
 ./deluge
 ./garmin-scraper
 ./grafana
- ./headscale
 ./mail
 ./mastodon
 ./matrix
diff --git a/modules/services/headscale/default.nix b/modules/services/headscale/default.nix
deleted file mode 100644
index 262f6897..00000000
--- a/modules/services/headscale/default.nix
+++ /dev/null
@@ -1,58 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
- options.chvp.services.headscale.enable = lib.mkOption {
- default = false;
- example = true;
- };
-
- config = lib.mkIf config.chvp.services.headscale.enable {
- networking.firewall = {
- allowedTCPPorts = [ 50443 ];
- allowedUDPPorts = [ 3478 ];
- };
- services = {
- headscale = {
- enable = true;
- serverUrl = "https://headscale.vanpetegem.me";
- privateKeyFile = config.age.secrets."passwords/services/headscale".path;
- database = {
- type = "postgres";
- name = "headscale";
- user = "headscale";
- host = "/run/postgresql";
- };
- dns = {
- domains = [ "vanpetegem.internal" ];
- baseDomain = "vanpetegem.me";
- };
- };
- postgresql = {
- enable = true;
- dataDir = "${config.chvp.dataPrefix}/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}";
- ensureDatabases = [ "headscale" ];
- ensureUsers = [{
- name = "headscale";
- ensurePermissions = { "DATABASE headscale" = "ALL PRIVILEGES"; };
- }];
- };
- };
- chvp.services.nginx.hosts = [
- {
- fqdn = "headscale.vanpetegem.me";
- options.locations."/" = {
- proxyPass = "http://localhost:8080";
- extraConfig = ''
- proxy_buffering off;
- proxy_set_header X-Forwarded-Ssl on;
- '';
- proxyWebsockets = true;
- };
- }
- ];
- age.secrets."passwords/services/headscale" = {
- file = ../../../secrets/passwords/services/headscale.age;
- owner = "headscale";
- };
- };
-}
diff --git a/secrets.nix b/secrets.nix
index a664f3e6..ecfd29c8 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -53,8 +53,6 @@ in "secrets/passwords/services/acme.age".publicKeys = servers ++ users; - "secrets/passwords/services/headscale.age".publicKeys = [ lasting-integrity ] ++ users; - "secrets/passwords/services/mastodon/otp.age".publicKeys = [ lasting-integrity ] ++ users; "secrets/passwords/services/mastodon/key.age".publicKeys = [ lasting-integrity ] ++ users; "secrets/passwords/services/mastodon/vapid-public.age".publicKeys = [ lasting-integrity ] ++ users;
diff --git a/secrets/passwords/services/headscale.age b/secrets/passwords/services/headscale.age deleted file mode 100644 index df751b86..00000000 --- a/secrets/passwords/services/headscale.age +++ /dev/null @@ -1,13 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 hKAFvQ bUJdedi6WFknMHBO0yUwDMVNzDfZGpb5WQfWxoRR6ig -HxaqBOyI9j+tcJzTMWjYVoKbsY68Sl2K+UfN0mikzT0 --> ssh-ed25519 s9rb8g n2x0kV0upAR85Mykol111tU0V8xcfi0o2MAncV1GyQM -yJDMGeliaiMpyFmmzF9zsIvua3EBc03TIvKT4LJzwN8 --> ssh-ed25519 yad4VQ vlx896wSYkhYqOA2ZfJ2cmo0vlmPGl3WH8D52xyKdg0 -+sThY/kHvJGZofKLuzOg6ABi5N/c5BEHv9F6exMw3XU --> w-grease eksf:Dr4 -aKmCHJS6K12oH85lBRqARdvUz3iEDn/eMjw2QZ4AGnLjdXAjhDgpBpuIak9iZr7u -KKKtCTzqEkhO5BAG+xlNcXQtPEOZQCV+WvuMMPOdxLxUVNBUcAzjlKgW5quj7FQ ---- rnya2T3ImTFIVMI5MxxhJ1DXLHJgSKwUMvcV5xkaZeU -Iz6 /_ĝv{,}e~'Qґ0'H'49av -Mj \ No newline at end of file