diff --git a/hosts/vps/mailserver/default.nix b/hosts/vps/mailserver/default.nix
index 89b09a6..7bc32a4 100644
--- a/hosts/vps/mailserver/default.nix
+++ b/hosts/vps/mailserver/default.nix
@@ -7,8 +7,6 @@
 };
 networking = {
- nameservers = [ "127.0.0.1" "::1" ];
- dhcpcd.extraConfig = "nohook resolv.conf";
 firewall = pkgs.lib.mkForce {
 enable = true;
 allowedTCPPorts = [
@@ -62,31 +60,6 @@
 PermitRootLogin = "prohibit-password";
 };
 };
- dnscrypt-proxy2 = {
- enable = true;
- settings = {
- cache = false;
- ipv4_servers = true;
- ipv6_servers = true;
- dnscrypt_servers = true;
- doh_servers = false;
- odoh_servers = false;
- require_dnssec = true;
- require_nolog = true;
- require_nofilter = true;
- anonymized_dns = {
- routes = [{ server_name = "*"; via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ]; }];
- };
- sources.public-resolvers = {
- urls = [
- "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
- "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
- ];
- cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
- minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
- };
- };
- };
 };
 systemd = {
 timers = {
diff --git a/nixos/configs/default.nix b/nixos/configs/default.nix
index 17bf71b..330f1d6 100644
--- a/nixos/configs/default.nix
+++ b/nixos/configs/default.nix
@@ -22,7 +22,7 @@ in
 nova-nonya = novaConfig (with mods; [ ivand anon cryptocurrency ]);
 nova-ai = novaConfig (with mods; [ ivand ai ]);
 install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); };
- vps = configWithModules { modules = (with mods; [ base shell security vps mailserver nginx wireguard-output ]); };
+ vps = configWithModules { modules = (with mods; [ base shell security vps mailserver nginx wireguard-output anonymous-dns ]); };
 stara-miner = configWithModules { modules = (essential ++ [ mods.monero-miner ]); };
 };
 }
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index a2f304a..b88ba7b 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -451,5 +451,38 @@ top@{ inputs, moduleWithSystem, ... }: {
 };
 };
 });
+ anonymous-dns = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: {
+ networking = {
+ nameservers = [ "127.0.0.1" "::1" ];
+ dhcpcd.extraConfig = "nohook resolv.conf";
+ };
+ services = {
+ dnscrypt-proxy2 = {
+ enable = true;
+ settings = {
+ cache = false;
+ ipv4_servers = true;
+ ipv6_servers = true;
+ dnscrypt_servers = true;
+ doh_servers = false;
+ odoh_servers = false;
+ require_dnssec = true;
+ require_nolog = true;
+ require_nofilter = true;
+ anonymized_dns = {
+ routes = [{ server_name = "*"; via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ]; }];
+ };
+ sources.public-resolvers = {
+ urls = [
+ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
+ "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
+ ];
+ cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
+ minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
+ };
+ };
+ };
+ };
+ });
 };
 }
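Review bot: The `anonymized_dns` block of the new `anonymous-dns` module sets only `routes`, so `skip_incompatible` keeps its dnscrypt-proxy default (off, as far as I know) and a resolver that cannot be used through the relay is queried directly, exposing the host's address to it; for a module with this name I would add `skip_incompatible = true;` next to `routes`. The wildcard route also sends every query through the single relay given as an unnamed `sdns://` stamp, while `nameservers` is loopback-only and the dhcpcd resolv.conf hook is disabled, so an outage of that relay stops all resolution on the mail host. A second entry in `via` and a short comment saying which relay the stamp refers to and who operates it would make this easier to audit. The module definition is complete within the hunk, but the attribute set it is added to opens outside it.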