diff --git a/services/wireguard/install.sh b/services/wireguard/install.sh
index 85c73d7..e2cd5bd 100644
--- a/services/wireguard/install.sh
+++ b/services/wireguard/install.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 echo "Setting up Wireguard ..."
-apk add wireguard-tools
+apk add wireguard-tools wireguard-tools-openrc
 
 # Generate server private and public keys
 mkdir -p /etc/wireguard
@@ -20,7 +20,6 @@ echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.d/ip_forward.conf
 sysctl -p /etc/sysctl.d/ip_forward.conf
 
 # Auto-start Wireguard on boot
-apk add wireguard-tools-openrc
 ln -s /etc/init.d/wg-quick /etc/init.d/wg-quick.wg0
 rc-update add wg-quick.wg0
 rc-service wg-quick.wg0 start
\ No newline at end of file
diff --git a/todo.txt b/todo.txt
index e2a4622..2026455 100644
--- a/todo.txt
+++ b/todo.txt
@@ -1,12 +1,3 @@
 backup(), restore()
 
-Volume labels (label)
-
-Switch to NFTables or UFW.
-
-Firewall:
-- Block all traffic by default
-- Allow outgoing (wan) http,https,dns,ssh,ntp,ping
-- Allow incoming (wan) http,https,ssh,wireguard
-- Allow wireguard traffic to lan (so access for instance 192.168.2.x) and wan (access the internet),
-BUT only http,https,ping,dns
\ No newline at end of file
+Volume labels (label)
\ No newline at end of file