diff --git a/src/config.js b/src/config.js
index 30f9221c..9ce1055c 100644
--- a/src/config.js
+++ b/src/config.js
@@ -16,6 +16,7 @@ module.exports.WG_DEFAULT_DNS = typeof process.env.WG_DEFAULT_DNS === 'string'
   ? process.env.WG_DEFAULT_DNS
   : '1.1.1.1';
 module.exports.WG_ALLOWED_IPS = process.env.WG_ALLOWED_IPS || '0.0.0.0/0, ::/0';
+module.exports.WG_HOMESERVER_ALLOWED_IPS = process.env.WG_HOMESERVER_ALLOWED_IPS || '';
 
 module.exports.WG_PRE_UP = process.env.WG_PRE_UP || '';
 module.exports.WG_POST_UP = process.env.WG_POST_UP || `
diff --git a/src/lib/WireGuard.js b/src/lib/WireGuard.js
index fba9c449..4869bbde 100644
--- a/src/lib/WireGuard.js
+++ b/src/lib/WireGuard.js
@@ -19,6 +19,7 @@ const {
   WG_DEFAULT_ADDRESS,
   WG_PERSISTENT_KEEPALIVE,
   WG_ALLOWED_IPS,
+  WG_HOMESERVER_ALLOWED_IPS,
   WG_PRE_UP,
   WG_POST_UP,
   WG_PRE_DOWN,
@@ -114,8 +115,8 @@ PresharedKey = ${client.preSharedKey}
 AllowedIPs = ${client.address}/32`;
       debug(client.name);
       debug(client.name === 'Homeserver');
-      if (client.name === 'Homeserver') {
-        result += ',10.0.0.0/24,10.0.3.0/24';
+      if (client.name === 'Homeserver' && WG_HOMESERVER_ALLOWED_IPS) {
+        result += ',' + WG_HOMESERVER_ALLOWED_IPS;
       }
     }