diff --git a/hosts/sobotka/server.nix b/hosts/sobotka/server.nix
index 3ac263f5..e32de12f 100644
--- a/hosts/sobotka/server.nix
+++ b/hosts/sobotka/server.nix
@@ -33,7 +33,7 @@
       enable = true;
       namespace = "vpn";
       configFile = config.age.secrets.wgCredentials.path;
-      privateIP = "10.68.145.193/32";
+      privateIP = "10.68.145.193";
       dnsIP = "10.64.0.1";
     };
   };
diff --git a/modules/server/wireguard-netns/default.nix b/modules/server/wireguard-netns/default.nix
index 0f78085b..591d12b7 100644
--- a/modules/server/wireguard-netns/default.nix
+++ b/modules/server/wireguard-netns/default.nix
@@ -53,7 +53,7 @@ in {
             ${iproute2}/bin/ip link set wg0 netns ${cfg.namespace}
             ${iproute2}/bin/ip -n ${cfg.namespace} address add ${cfg.privateIP} dev wg0
             ${iproute2}/bin/ip netns exec ${cfg.namespace} \
-            wg setconf wg0 ${cfg.configFile}
+            ${wireguard-tools}/bin/wg setconf wg0 ${cfg.configFile}
             ${iproute2}/bin/ip -n ${cfg.namespace} link set wg0 up
             ${iproute2}/bin/ip -n ${cfg.namespace} link set lo up
             ${iproute2}/bin/ip -n ${cfg.namespace} route add default dev wg0