diff --git a/configuration.nix b/configuration.nix
index df9f72c..ee25c38 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,7 +1,8 @@
-{ config, pkgs, inputs, ... }:
+{ config, pkgs, inputs, modulesPath, ... }:
 {
 imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
 ./agenix.nix
 ./modules/minecraft.nix
 ./modules/hardening.nix
diff --git a/modules/hardening.nix b/modules/hardening.nix
index 9967e54..9233354 100644
--- a/modules/hardening.nix
+++ b/modules/hardening.nix
@@ -7,6 +7,7 @@
 allowedTCPPorts = [ 80 443 25565 ]; # Caddy HTTP/HTTPS + Minecraft
 allowedUDPPorts = [ 24454 ]; # Simple Voice Chat
 trustedInterfaces = [ "tailscale0" ]; # Full access over Tailscale (SSH, etc.)
+ checkReversePath = "loose"; # Required for Tailscale
 logRefusedConnections = true;
 };
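Review bot: In modules/hardening.nix, `checkReversePath = "loose"` applies to the whole firewall rather than only to `tailscale0`, so reverse-path (anti-spoofing) filtering is also relaxed on the public interface that serves ports 80, 443 and 25565; the comment `# Required for Tailscale` says neither that nor which Tailscale feature needs it. As far as I know, loose mode is only needed when this host uses an exit node or accepts subnet routes; if the machine is merely reached over the tailnet, the stricter default may still work and is worth testing before relaxing it. I would spell the trade-off out in the comment, e.g. `# Loose rpfilter on ALL interfaces; needed for Tailscale exit-node/subnet routes`, or express the intent with `services.tailscale.useRoutingFeatures = "client";`, which sets the same firewall option. The enclosing firewall attribute set starts outside this hunk, so any other filtering it configures is not visible here.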