diff --git a/hosts/nixos-desktop/default.nix b/hosts/nixos-desktop/default.nix
index 1888a36..bf5a7ef 100644
--- a/hosts/nixos-desktop/default.nix
+++ b/hosts/nixos-desktop/default.nix
@@ -50,6 +50,8 @@
 };
 };
 
+ services.tailscale.enable = true;
+
 # Allow to externally control MPD
 networking.firewall.allowedTCPPorts = [ 6600 ];
 
diff --git a/modules/services/work-proxy.nix b/modules/services/work-proxy.nix
index 4e54cc7..e1fb2b1 100644
--- a/modules/services/work-proxy.nix
+++ b/modules/services/work-proxy.nix
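Review bot: In hosts/nixos-desktop/default.nix the rule directly below the new `services.tailscale.enable = true;` still opens MPD's port 6600 on every interface through `networking.firewall.allowedTCPPorts`, even though the host now has a tailnet interface. If remote control of MPD is only meant to happen over Tailscale (an assumption, the hunk does not say), scope the port to the tunnel interface instead: `networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 6600 ];`. `tailscale0` is the module's default interface name, so adjust it if `services.tailscale.interfaceName` is overridden elsewhere. A one-line comment above the new option saying what the tailnet is used for on this host would also help the next reader.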
@@ -14,78 +14,6 @@ in
 };
 
 config = lib.mkIf cfg.enable {
- services.dnsmasq = {
- enable = true;
- settings = {
- server = [
- "/lefoyer.lu/127.0.0.1#1053"
- "/foyer.lu/127.0.0.1#1053"
- "/foyer.cloud/127.0.0.1#1053"
- "1.1.1.1"
- ];
- no-resolv = true;
- interface = "lo";
- bind-interfaces = true;
- };
- };
-
- networking = {
- proxy = {
- httpProxy = "http://127.0.0.1:${toString config.services.tinyproxy.settings.Port}";
- httpsProxy = "http://127.0.0.1:${toString config.services.tinyproxy.settings.Port}";
- };
- };
-
- services.tinyproxy = {
- enable = true;
- settings = {
- LogLevel = "Info";
- Port = 2345;
- Upstream = [
- ''upstream socks5 127.0.0.1:5080 ".lefoyer.lu"''
- ''upstream socks5 127.0.0.1:5080 ".foyer.lu"''
- ''upstream socks5 127.0.0.1:5080 ".foyer.cloud"''
- ''upstream http 127.0.0.1:3128 ".microsoftonline.com"''
- ];
- };
- };
-
- services.redsocks = {
- enable = false;
- log_debug = true;
- log_info = true;
- redsocks = [
- {
- port = 12345;
- proxy = "127.0.0.1:5080";
- type = "socks5";
- redirectCondition = "-d 10.134.0.0/16";
- doNotRedirect = [
- "-p tcp -m owner --uid-owner redsocks"
- "-p tcp --dport 80"
- "-p tcp --dport 443"
- ];
- }
- # {
- # port = 12345;
- # proxy = "127.0.0.1:${toString config.services.tinyproxy.settings.Port}";
- # type = "http-relay";
- # redirectCondition = "--dport 80";
- # doNotRedirect = [
- # "-p tcp -m owner --uid-owner tinyproxy"
- # ];
- # }
- # {
- # port = 12346;
- # proxy = "127.0.0.1:${toString config.services.tinyproxy.settings.Port}";
- # type = "http-connect";
- # redirectCondition = "--dport 443";
- # doNotRedirect = [
- # "-p tcp -m owner --uid-owner tinyproxy"
- # ];
- # }
- ];
- };
 
 security.pki.certificateFiles = [
 "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
@@ -95,7 +23,7 @@ in
 
 environment.variables = {
 JAVAX_NET_SSL_TRUSTSTORE = ./certs/cacerts;
- JAVA_OPTS = "-Dhttp.proxyHost=localhost -Dhttp.proxyPort=${toString config.services.tinyproxy.settings.Port} -Dhttps.proxyHost=localhost -Dhttps.proxyPort=${toString config.services.tinyproxy.settings.Port} -Djavax.net.ssl.trustStore=${./certs/cacerts} -Djavax.net.ssl.trustStorePassword=changeit";
+ JAVA_OPTS = "-Djavax.net.ssl.trustStore=${./certs/cacerts} -Djavax.net.ssl.trustStorePassword=changeit";
 };
 
 home-manager.users.${config.user.name} = {
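Review bot: In modules/services/work-proxy.nix the new `JAVA_OPTS` still points every JVM at the checked-in keystore `./certs/cacerts`, and the `security.pki.certificateFiles` list above it is kept, although the proxy chain those trust anchors presumably served is removed in this commit. If the extra CAs were only needed for that proxy path (not visible here), drop them as well so the host does not keep trusting roots it no longer needs. If they are still required, add a comment next to `JAVA_OPTS` such as `# cacerts: built from <source certs> via <command>; still needed for <purpose>` so the binary keystore can be audited and regenerated, since a static copy will drift from `pkgs.cacert`. The enclosing `config = lib.mkIf cfg.enable` block and the `certificateFiles` list both continue outside the visible hunks.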