diff --git a/Caddyfile b/Caddyfile
index dc50e97..0101ff1 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -1,5 +1,15 @@
 # Components
 
+(private_network_only) {
+    @ipfilter {
+        not header X-Forwarded-For {$PRIVATE_NET_IP}
+    }
+
+    route @ipfilter {
+        respond "nty. :3" 418
+    }
+}
+
 (application_logging) {
 	log {
 		level INFO
@@ -43,6 +53,7 @@
 # Routes
 
 :53100 {
+    import private_network_only
 	import application_base "grafana" 3100
 }
 
@@ -55,6 +66,7 @@
 }
 
 :55000 {
+    import private_network_only
 	import application_base "registry" 5000
 }
 
@@ -67,5 +79,6 @@
 }
 
 :58112 {
+    import private_network_only
 	import application_base "deluge-web" 8112
 }
diff --git a/service.yml b/service.yml
index 26245d9..9255016 100644
--- a/service.yml
+++ b/service.yml
@@ -25,6 +25,7 @@ volumes:
 containers:
   - name: caddy
     image: caddy:2.8.4-alpine
+    env-file: /etc/opt/spadinastan/sesame.env
     volumes:
       - name: caddy-data
         container: /data